ja.pays-tarusate.org Open in urlscan Pro
2606:4700:3033::ac43:9aca Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Submission: On July 20 via manual (July 20th 2021, 1:27:31 am UTC) from JP

Summary HTTP 446 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 54 IPs in 9 countries across 53 domains to perform 446 HTTP transactions. The main IP is 2606:4700:3033::ac43:9aca, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.pays-tarusate.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 19th 2020. Valid for: a year.

This is the only time ja.pays-tarusate.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2606:4700:303... 2606:4700:3033::ac43:9aca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	91.210.107.38 91.210.107.38	50867 (HOSTKEY-R...) (HOSTKEY-RU-AS)
6	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
5	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	143.198.248.64 143.198.248.64	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 69	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
21 61	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
39	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 8	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
4 31	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 5	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
5	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
3	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
4 4	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
5 5	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
3	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1 4	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1 3	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	3.125.99.7 3.125.99.7	16509 (AMAZON-02) (AMAZON-02)
8 8	52.28.120.199 52.28.120.199	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
6 6	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
3 6	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
9	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
3	13.224.99.121 13.224.99.121	16509 (AMAZON-02) (AMAZON-02)
3	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	85.114.131.233 85.114.131.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2 2	34.240.2.137 34.240.2.137	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.164 213.155.156.164	1299 (TELIANET ...) (TELIANET Telia Carrier)
6	54.72.233.75 54.72.233.75	16509 (AMAZON-02) (AMAZON-02)
446	54

29 2606:4700:3033::ac43:9aca (United States)

ASN13335 (CLOUDFLARENET, US)

ja.pays-tarusate.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pays-tarusate.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.210.107.38 (Russian Federation)

ASN50867 (HOSTKEY-RU-AS, NL)

newrrb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.64 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

load02.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a02:6b8::1:119 (Moscow, Russian Federation) 21 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cfcb8050b0ab716449b441b211c6603d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:678:cb4:bbbb::11 (United Kingdom) 4 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:110:c305::8000 (Dublin, Ireland) 4 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.253 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.145 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal900010.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.84.244 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal900026.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Schopfheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.125.99.7 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-99-7.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.28.120.199 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-120-199.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.198 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.239.217 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.99.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-121.zrh50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.29.72.47 (Epsom, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.131.233 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.2.137 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-2-137.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.72.233.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-233-75.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	doubleclick.net 12 redirects googleads.g.doubleclick.net static.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	241 KB
76	googlesyndication.com pagead2.googlesyndication.com cfcb8050b0ab716449b441b211c6603d.safeframe.googlesyndication.com tpc.googlesyndication.com	1 MB
56	yandex.ru 19 redirects mc.yandex.ru	84 KB
39	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	773 KB
29	pays-tarusate.org ja.pays-tarusate.org pays-tarusate.org	3 MB
20	googletagservices.com www.googletagservices.com	664 KB
19	google.com 1 redirects www.google.com adservice.google.com	18 KB
12	webgains.com track.webgains.com diapi.webgains.com	117 KB
11	redintelligence.net 2 redirects hal9000.redintelligence.net hal900010.redintelligence.net hal900026.redintelligence.net	19 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	165 KB
9	webgains.io analytics.webgains.io api.webgains.io	180 KB
9	youtube.com www.youtube.com	660 KB
8	bidswitch.net 8 redirects x.bidswitch.net	3 KB
8	turn.com 4 redirects ad.turn.com r.turn.com	3 KB
8	mathtag.com tags.mathtag.com pixel.mathtag.com	6 KB
7	google.de adservice.google.de	2 KB
6	awin1.com 3 redirects www.awin1.com	4 KB
6	ad4mat.net static-de.ad4mat.net prod-rtb.ad4mat.net	12 KB
6	googleadservices.com partner.googleadservices.com	1008 B
6	zx-adnet.com cdn.zx-adnet.com	125 KB
5	adform.net 5 redirects c1.adform.net	3 KB
5	sitescout.com pixel-sync.sitescout.com	955 B
5	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	3 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	65 KB
5	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com	77 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com	2 KB
3	congstar.de banner.congstar.de	2 KB
3	w55c.net 3 redirects pm.w55c.net	3 KB
3	quantserve.com 1 redirects cms.quantserve.com	1 KB
3	blismedia.com tr.blismedia.com	363 B
3	newrrb.bid newrrb.bid	18 KB
2	de17a.com 2 redirects d5p.de17a.com	722 B
2	avct.cloud 2 redirects ads.avct.cloud	890 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	contentspread.net cdn.contentspread.net	119 KB
2	admedo.com 2 redirects pool.admedo.com	713 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	adsrvr.org match.adsrvr.org	529 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	jsdelivr.net cdn.jsdelivr.net	8 KB
2	addtoany.com static.addtoany.com	62 KB
1	rfihub.com 1 redirects p.rfihub.com	777 B
1	travelaudience.com 1 redirects ads.travelaudience.com	610 B
1	simpli.fi 1 redirects um.simpli.fi	706 B
1	onetrust.com geolocation.onetrust.com	387 B
1	wpushsdk.com js.wpushsdk.com	3 KB
1	ytimg.com i.ytimg.com	10 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	nawpush.com na.nawpush.com	352 B
1	jquery.com code.jquery.com	29 KB
1	load02.biz load02.biz	20 KB
1	cstwpush.com cst.cstwpush.com	60 KB
446	53

	Domain	Requested by
56	mc.yandex.ru	19 redirects ja.pays-tarusate.org
47	pagead2.googlesyndication.com	cst.cstwpush.com securepubads.g.doubleclick.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ja.pays-tarusate.org www.googletagservices.com
31	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net ja.pays-tarusate.org
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
27	pays-tarusate.org	ja.pays-tarusate.org pays-tarusate.org
22	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net ja.pays-tarusate.org
20	www.googletagservices.com	cdn.zx-adnet.com securepubads.g.doubleclick.net pagead2.googlesyndication.com googleads.g.doubleclick.net
18	assets.ad4m.at	as.ad4m.at
17	googleads.g.doubleclick.net	2 redirects www.youtube.com pagead2.googlesyndication.com googleads.g.doubleclick.net cdn.zx-adnet.com ja.pays-tarusate.org
15	ad4m.at	googleads.g.doubleclick.net ad4m.at
12	www.google.com	1 redirects www.youtube.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	track.webgains.com	as.ad4m.at track.webgains.com analytics.webgains.io
9	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
9	www.youtube.com	ja.pays-tarusate.org www.youtube.com
8	x.bidswitch.net	8 redirects
7	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	api.webgains.io	analytics.webgains.io
6	www.awin1.com	3 redirects as.ad4m.at
6	ad.doubleclick.net	6 redirects
6	as.ad4m.at	ad4m.at as.ad4m.at
6	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
6	partner.googleadservices.com	pagead2.googlesyndication.com
6	cdn.zx-adnet.com	ja.pays-tarusate.org cdn.zx-adnet.com pagead2.googlesyndication.com
5	hal900026.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900026.redintelligence.net
5	c1.adform.net	5 redirects
5	pixel-sync.sitescout.com	googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects ja.pays-tarusate.org
4	hal900010.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900010.redintelligence.net
4	pr-bh.ybp.yahoo.com	4 redirects
4	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
4	r.turn.com	googleads.g.doubleclick.net ja.pays-tarusate.org
4	ad.turn.com	4 redirects
3	diapi.webgains.com	track.webgains.com
3	analytics.webgains.io	track.webgains.com
3	banner.congstar.de	as.ad4m.at
3	pm.w55c.net	3 redirects
3	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
3	prod-rtb.ad4mat.net	ja.pays-tarusate.org googleads.g.doubleclick.net
3	static-de.ad4mat.net	ad4m.at
3	tr.blismedia.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	ja.pays-tarusate.org googleads.g.doubleclick.net
3	newrrb.bid	ja.pays-tarusate.org newrrb.bid
2	d5p.de17a.com	2 redirects
2	ads.avct.cloud	2 redirects
2	tracking.m6r.eu	2 redirects
2	cdn.contentspread.net	hal900010.redintelligence.net hal900026.redintelligence.net
2	ajax.googleapis.com	hal900010.redintelligence.net hal900026.redintelligence.net
2	pool.admedo.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	pixel.mathtag.com	tags.mathtag.com
2	hal9000.redintelligence.net	ja.pays-tarusate.org
2	match.adsrvr.org	googleads.g.doubleclick.net
2	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects ja.pays-tarusate.org
2	cdn.mgid.com	ja.pays-tarusate.org
2	cdn.jsdelivr.net	ja.pays-tarusate.org
2	static.addtoany.com	ja.pays-tarusate.org static.addtoany.com
2	ja.pays-tarusate.org	ja.pays-tarusate.org
1	p.rfihub.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	cfcb8050b0ab716449b441b211c6603d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	js.wpushsdk.com	cst.cstwpush.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	na.nawpush.com	cst.cstwpush.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	code.jquery.com	ja.pays-tarusate.org
1	load02.biz	ja.pays-tarusate.org
1	cst.cstwpush.com	ja.pays-tarusate.org
1	jsc.mgid.com	ja.pays-tarusate.org
446	76

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
www.addtoany.com
pays-tarusate.org
ar.pays-tarusate.org
bg.pays-tarusate.org
cs.pays-tarusate.org
da.pays-tarusate.org
de.pays-tarusate.org
el.pays-tarusate.org
es.pays-tarusate.org
et.pays-tarusate.org
fi.pays-tarusate.org
hi.pays-tarusate.org
hr.pays-tarusate.org
hu.pays-tarusate.org
id.pays-tarusate.org
it.pays-tarusate.org
iw.pays-tarusate.org
ko.pays-tarusate.org
lt.pays-tarusate.org
lv.pays-tarusate.org
ms.pays-tarusate.org
nl.pays-tarusate.org
no.pays-tarusate.org
pl.pays-tarusate.org
pt.pays-tarusate.org
ro.pays-tarusate.org
ru.pays-tarusate.org
sk.pays-tarusate.org
sl.pays-tarusate.org
sr.pays-tarusate.org
sv.pays-tarusate.org
th.pays-tarusate.org
tr.pays-tarusate.org
uk.pays-tarusate.org
vi.pays-tarusate.org
cn.pays-tarusate.org
tw.pays-tarusate.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-19` - `2021-11-18`	a year	crt.sh
newrrb.bid R3	`2021-06-17` - `2021-09-15`	3 months	crt.sh
blog.ippachi.com GTS CA 1D4	`2021-07-13` - `2021-10-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
cstwpush.com R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
load01.biz R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
na.nawpush.com R3	`2021-06-18` - `2021-09-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
js.wpushsdk.com R3	`2021-07-05` - `2021-10-03`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh

This page contains 51 frames:

Primary Page: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Frame ID: 55FC4C84C8157F985332709BF4743355
Requests: 139 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
Frame ID: 1BD6C31DA0CE8EA909A7FC32EB8C836B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: E65105D6A7C3C60EE5CA6908154487A3
Requests: 1 HTTP requests in this frame

Frame: https://cfcb8050b0ab716449b441b211c6603d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 089A77EF1DEC1D313A8712C430150193
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0YkHua5-fS4X1galcJODMOhF6WS40iBJ2heYUml2zdFoDAyoYxqm5k_HNIY_N79M6BOPRFESSYBEWKwDaHw4DFtf8c9A6ISzgD5SsQSeBV9IszkQljQb37n5rFOUV-fbmkWzJa4mZcsRR8zTtzmC0iTR-_5rW-WG7aY7LIRZcEvfQZOjJ-bWg-Pjubs42wcCBeLdo1dExipwk4uL4b2ffcspEE4FAhvW-R3cDgti8Ny-o-MH0f_kRpttiFRA3Q26ps_Kkb-AvRFSEa_9wbgLmV1ElBUuRovMS6Fv2_fHX_itAWxtlAHYeQuYbyqz4EbG3YSV-vfocbMhUccQovlDd&sig=Cg0ArKJSzDLOMcSTPT_KEAE&urlfix=1&adurl=
Frame ID: D72A523429622B8502E2D3DC2C0668A3
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlfgqgB-o0Pek4dGooG8hRPIO-e72wCgPCHGtgCh1vUxsqAurTlSSRToiqtT78I5EmOW4-1MY3Lej0d-7tdwHCyKxv0RCb2yolV8bVbMTduHgFPltjBv0h78Uluatajj2hkQxmO_mEPmBQwVTP2SAVf28zzSaLZnhXCKn0V0MjO0dKvCM7uX0xEfgCmZgrDsbXbTc0j57yN0FUaMnazwiYmbvoP97wxjMYrBM-Totd1IVTM3-6GpYIv940iZGMY1P6NClFfpXcU1yiawa14ukRtWCdSw3n-angoCGGAcsQK2f-6lnsc8m63JAwd0Tk_8Un8lY5vI_tXEf9&sig=Cg0ArKJSzG2VuSdyW3vfEAE&urlfix=1&adurl=
Frame ID: 3C68F1D11673C89ABBA029DD8A66FBF2
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVbCWljC-ZqD9UUO7zRbm5Ko9Ph9ujkCeX5ublm3XF_zK0cbyAnNzrt9cnF09pt-sAzVlNfVsHZrjsJoGTi-EnsfG7sjO5I8VSyKsNvNqsisXbDJfAMUNWnCGvkIV9QkU_XX7cKlgXvKLjX9Kqu1Ht1yCjlmDir5fh4lo8IS3XnC453zDZ7vklFKE7iVSe_hiB7j3on6dpVcBUIYOLCyXVptQ2oSFmAss8kcJyX2eg5putTaE8vSHUCcCSFIRCdOW4DDvGrAmKVEkszY9gMQjVDk2q8spxMXksFk6uRxOc3RkA8jFAWfjYc6GzXGLK6oBJVy8to5Qa2XGnyZXQnjIl&sig=Cg0ArKJSzG7PiAK1q5_OEAE&urlfix=1&adurl=
Frame ID: 3984F6983A02ACF9CC46B45F5DEB3FC6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148
Frame ID: 69C208F395F630CA5A98E1C6B612C496
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFqwb8lEUips1CgNY-yEok-URuc_aBTsMJ1kLfcACUrP4QWLVB7f-n7Af3SiF-VWDbQwWQdkWv3vdxc8Vjj55wNb1s7V-VbDsac-cTmD4j2ohw5CR6WKS2pfMOpyHZ_sMppof9DXQ1V3klGMe8ANSbf2o12TgDGpb9CfSnZyeFotx4jOjg7A5MoDFC2g2y-QyauenzNg4av9A-l3wVzO4LPPzxAHgZkW5CsG_xdREw1Jng5dj9rlWaDhGVxeRgdbZgHX6TQBox6GYpY2HT4E81bPR2Vq-6UyQ5kwJEWm_-XXDaKdZI9PSXuwtxJVjsc5zh5-h7I6QClno1&sig=Cg0ArKJSzPtuuS89PtcREAE&urlfix=1&adurl=
Frame ID: 9D8870FD2DAE002D582FB0A3A516644E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133
Frame ID: A00835E978C2C4C6F0B443DF172B6B02
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstS20z_AYyahmMOsDDphZdWhJUKVkHnpbn6IiWctvxOEvY6grfUDBxfPYY_YViDanbxkquC5gfAUkNH6p7cYSA-5WOPkjD8Gm8M9I5tjXlyaM35KVUrFKby8G0UftVe74ZyJLAj2r6khBUxFakGKop4u5uzk66VHCAGD0mztKKsCTzt4RiGiDpAryIMALQVOUaHMKndF5roBH7kys6av97nBbyI-kY-__cDjF42Po1tC-Mf5PThmTr9a9v5AFuDWiJK7LJ0Eg17IptjeCdz_vd-FxtYeIj8JbxQrBx_i7M_8lEz2POCpR_kAUFUIepxvsJk9oEiB4PuFb5C7qjNXBCN&sig=Cg0ArKJSzFcUv7TT18HxEAE&urlfix=1&adurl=
Frame ID: 594751B1D209C7957E46B442531089AE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156
Frame ID: 33D07D9A9FB412E833FDABCE605E8454
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWs2RapKtkQx7znkCXk8jM8zOHhH0dxpnTZaF43czf_kUQQVviNSsWhFijDPNhhTv0VcJn-60-nptOSIDhREztA0sanAp3nfviwAK71BYgnG0HlSDeJApenMZ6av8HLT9uWe73Skx1e6HiG0I6aUVL9bB-nKqV8sZwVOT2nnMeR08hbG__rdpiwk4Qd_pOwuesF2nRoh1_izzFiLzg2OaNq09F81AQD1-4HDFam5NvmX2ItZDJnuwqCqFlmSNGz0WM35aYwrbhxVetSCazrCniL8znZ_l6rJEGCZnMT25UaccE1IRGqIZnRDX-zJ5vnl-y-Jz1isbH167ehqxF3m92&sig=Cg0ArKJSzFPzw31yR9PPEAE&urlfix=1&adurl=
Frame ID: 3F5AEEBC277EA33B5450C5319A6475E1
Requests: 13 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Frame ID: 75D7D6623032571B1AEF5C8F276F4810
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D
Frame ID: 00D42E1D3E1685DD6414CD93C1A9C574
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0C1C414D5CC1437BAD24AA20AAE94EEB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=830827601&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427205&bpp=8&bdt=110&idt=163&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1949446809.1626744427&ga_sid=1626744427&ga_hid=620062799&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=709&biw=1600&bih=1200&isw=300&ish=600&ifk=1410655490&scr_x=0&scr_y=0&eid=21066431%2C20211866&oid=3&pvsid=1581679106397401&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3j5giev5bxqy&fsb=1&dtd=176
Frame ID: 4304A179DCFABA97F090FD2FBCA06EE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132
Frame ID: 3803149A6C551258C5CA29DE7FE641B3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=1200&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.05893240074299699
Frame ID: 3F48C3C68503FA4C3BE59C29FCD8FB9A
Requests: 13 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D177258DF31E34826B9E4BEF38E3E2A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Ckepoayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTgAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvSTigkBzVBEVPBfS4NIFkTo9TgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjU1MDQxMzM2MzYwMjU4OA&sigh=fw_YZlbbfjE
Frame ID: 234572FCD815406D45437A053DB7234F
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D
Frame ID: C796DB21417B01A7D631FD06619C0393
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 335B19C7E75FBE058A55F610A896D052
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D
Frame ID: 30EEF6518D0CB1375085B4494BD2234B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4569B99BEA6F49F2A12E9EE979EAD292
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A639B953C9AC956467CE9DAD743A4407
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DF350F41C0941E368FC995113B39767A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Frame ID: 087F56002F5AF6B7380BB65F1B226079
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FE3D8EDBF1CCECC13A2A81CF36D5EF70
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2E74B11487A3D0B32928CE1EADEF2E2F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A1B79F4E2499FA4C56FF1E60548F976C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDF7F8196BDC173DD8B600FE2478F46B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Frame ID: 164C6AD6A75A41E11CA412E30F7FDF21
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F9C3E966B5A648AF11B25A65A554429E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B58CE7F542B0239E5DF584FE64666D8
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Frame ID: 600F1A82414338223D1B64A9976963A9
Requests: 16 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=44789400007836600951401011661010&a=95b63d91
Frame ID: CAB682EFF4B63E6106D400CD8274FEAA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A2C1D2007A8A941314DB1B35D04E367F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5766FFFD7DDAAB1EDC598345F2148EC6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 220317A9D92D7E5B1D6AEFBB31E69FFB
Requests: 9 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=79963400008673800951389011661026&a=952262e5
Frame ID: 16A8A84071E102B24B03BBAF418146B9
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2BE7AC77870B93EC35F3119FA5782740
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js
Frame ID: D545D8A4E0DA1D37EF5E5187ACCE1906
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A29BBC417985467CD490313145561134
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 265D6AFFA9AE4EB280A3AD2818E31A39
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E29C5AABDB7C19D5DF00A0821C1F5CF3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D5D433446D2B17980C5962B9A0D4CFFA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BFA2949F3A7E5F85CA000244653DD80F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F979AD9523C53F0AC6F57BCFE14A8E4B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4E8953BBAA3EB44A738DAD97EB4F0583
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01FC9C3A2DDA7659F92A0D418FE129AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

446
Requests

95 %
HTTPS

46 %
IPv6

53
Domains

76
Subdomains

54
IPs

9
Countries

7710 kB
Transfer

15600 kB
Size

12
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&title=Web%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%90%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B3%E3%81%AF%E6%AD%A3%E7%A2%BA%E3%81%AB%E3%81%AF%E4%BD%95%E3%81%A7%E3%81%99%E3%81%8B%EF%BC%9F%E3%81%9D%E3%82%8C%E3%81%AF%E4%BD%95%E3%81%AB%E5%BD%B1%E9%9F%BF%E3%81%97%E3%81%BE%E3%81%99%E3%81%8B%EF%BC%9F%20-%20ja.pays-tarusate.org
Title: Share

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://ar.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://bg.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://cs.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://da.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://de.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://el.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://es.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://et.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://fi.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://hi.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://hr.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://hu.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://id.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://it.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://iw.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://ko.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://lt.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://lv.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://ms.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://nl.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://no.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://pl.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://pt.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://ro.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://ru.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://sk.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://sl.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://sr.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://sv.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://th.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://tr.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://uk.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://vi.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://cn.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

URL: https://tw.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW;0.25432630450759985 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW;0.25432630450759985

Request Chain 77

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 91

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9339.vyI1KTjhH78E6vyem4fx9Q_62YkI6J_XdXfFczUF5nw61A8lNTILdtgQVqhgrz-Q.UDK6SNzQabSISy-I5f55QyyedAI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9339.cijg3kwgJQjyOUQ0CFS1mMB4TtedmOOUTW0jV4Xo3rBWgRXHY54zsKFT7nTnSuHpAZlzoD9CH-CiDigyde8EyQ%2C%2C._C0FALZuKz3KROaX0RU1CJl6FCM%2C

Request Chain 102

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.8236504725665907 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.8236504725665907

Request Chain 104

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.940748442854118 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.940748442854118

Request Chain 106

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.9593633804855035 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.9593633804855035

Request Chain 108

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.29151087827467204 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.29151087827467204

Request Chain 110

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.35412224164900863 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.35412224164900863

Request Chain 112

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.0004944325072451239 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.0004944325072451239

Request Chain 114

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.8739142684016856 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.8739142684016856

Request Chain 116

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.3968526578011191 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.3968526578011191

Request Chain 118

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.48657744064902797 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.48657744064902797

Request Chain 120

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.2453023818165736 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.2453023818165736

Request Chain 122

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.8259926098823969 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.8259926098823969

Request Chain 124

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.22950167622596873 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.22950167622596873

Request Chain 126

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.39673992020352755 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.39673992020352755

Request Chain 128

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.12918537209558756 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.12918537209558756

Request Chain 130

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.85848075141654 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.85848075141654

Request Chain 132

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.9845756358982691 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.9845756358982691

Request Chain 134

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.7603620357286445 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.7603620357286445

Request Chain 136

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.3737191813076164 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.3737191813076164

Request Chain 137

https://mc.yandex.com/watch/70769167?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A104%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1403856471928%3Ahid%3A1065057477%3Az%3A120%3Ai%3A20210720032705%3Aet%3A1626744426%3Ac%3A1%3Arn%3A784435789%3Au%3A16267444261058991069%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626744424395%3Ads%3A24%2C16%2C34%2C2%2C0%2C0%2C%2C591%2C40%2C%2C%2C%2C669%3Adsn%3A24%2C16%2C34%2C2%2C0%2C0%2C%2C592%2C40%2C%2C%2C%2C669%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626744426%3At%3AWeb%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%90%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B3%E3%81%AF%E6%AD%A3%E7%A2%BA%E3%81%AB%E3%81%AF%E4%BD%95%E3%81%A7%E3%81%99%E3%81%8B%EF%BC%9F%E3%81%9D%E3%82%8C%E3%81%AF%E4%BD%95%E3%81%AB%E5%BD%B1%E9%9F%BF%E3%81%97%E3%81%BE%E3%81%99%E3%81%8B%EF%BC%9F%20-%20ja.pays-tarusate.org HTTP 302
https://mc.yandex.com/watch/70769167/1?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A104%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1403856471928%3Ahid%3A1065057477%3Az%3A120%3Ai%3A20210720032705%3Aet%3A1626744426%3Ac%3A1%3Arn%3A784435789%3Au%3A16267444261058991069%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626744424395%3Ads%3A24%2C16%2C34%2C2%2C0%2C0%2C%2C591%2C40%2C%2C%2C%2C669%3Adsn%3A24%2C16%2C34%2C2%2C0%2C0%2C%2C592%2C40%2C%2C%2C%2C669%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626744426%3At%3AWeb%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%90%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B3%E3%81%AF%E6%AD%A3%E7%A2%BA%E3%81%AB%E3%81%AF%E4%BD%95%E3%81%A7%E3%81%99%E3%81%8B%EF%BC%9F%E3%81%9D%E3%82%8C%E3%81%AF%E4%BD%95%E3%81%AB%E5%BD%B1%E9%9F%BF%E3%81%97%E3%81%BE%E3%81%99%E3%81%8B%EF%BC%9F%20-%20ja.pays-tarusate.org

Request Chain 197

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&twa=1&slotname=ZXM%2Fzxm_smrcp&adk=3467223789&adf=816031644&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=1200&fwrn=3&fwrnh=100&format=1200x90&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&fwr=0&rh=90&rw=1200&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427056&bpp=8&bdt=87&idt=114&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393-2271be6070c900d2%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZHgNcFwH3GhVmvUr1txvuxdBfK0A&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=880176215.1626744427&ga_sid=1626744427&ga_hid=1443141149&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1210&biw=1600&bih=1200&isw=1600&ish=90&ifk=2297474828&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3014344654626943&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.y8m6w4uql13&btvi=1&fsb=1&dtd=141 HTTP 302
https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html

Request Chain 232

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1&google_push=AYg5qPIIPUxSfcZdFeqs2yXybf9thXEU4JiYWQPiHW0wmX5aseQM-SMJ55NGxlQZ1Ve-MBmCv7vShkCsEHGCELOVQ6k2dwESHUaPRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwNDMxODI3NjY4MjIxNTIxMw== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1

Request Chain 233

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFEwUYoib-KZ3DX5WhgcwZA&google_cver=1&google_push=AYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM7&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM7%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFEwUYoib-KZ3DX5WhgcwZA&google_cver=1&google_push=AYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM7&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM7%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 237

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELSarXGwlH5yb3mA9muI7ZQ&google_cver=1&google_push=AYg5qPJaYU1vqlkOEeCPEXHBkU9nT50RK1oxdh52kAwYaFYdzDYR-53J5uhE1lhFZrD-zegQ6q8vGHb1EVW_Ydms6cUbsYYPRYG3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJaYU1vqlkOEeCPEXHBkU9nT50RK1oxdh52kAwYaFYdzDYR-53J5uhE1lhFZrD-zegQ6q8vGHb1EVW_Ydms6cUbsYYPRYG3&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D

Request Chain 238

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPLKdwUlp1rNjIN-DWqBsQdmHKBjHgXWu1oehqWG5ZWqAmTTLVy5kf3zVpUF5N9CBnZ06uGNrh4Wod2c9BHTHI9PMwl6hArM HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPLKdwUlp1rNjIN-DWqBsQdmHKBjHgXWu1oehqWG5ZWqAmTTLVy5kf3zVpUF5N9CBnZ06uGNrh4Wod2c9BHTHI9PMwl6hArM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPLKdwUlp1rNjIN-DWqBsQdmHKBjHgXWu1oehqWG5ZWqAmTTLVy5kf3zVpUF5N9CBnZ06uGNrh4Wod2c9BHTHI9PMwl6hArM

Request Chain 272

https://hal900010.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=2ca6f70387&subid=&uid=ae96515f972e07cb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2718181221537764460%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_cid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=1353676706926&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900010.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=2ca6f70387&subid=&uid=ae96515f972e07cb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2718181221537764460%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_cid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=1353676706926&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 273

https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6b7ff5cab3&subid=&uid=7531a32c07f8b479&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D412338212324070789%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_cid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=6366811125776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6b7ff5cab3&subid=&uid=7531a32c07f8b479&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D412338212324070789%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_cid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=6366811125776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 277

https://um.simpli.fi/gp_match?google_gid=CAESEN342So-FjrWaRxjG1cvJy4&google_cver=1&google_push=AYg5qPJ3n0Mq4ydEzEFBcN2xwM1YpZ3nI0dBqk7E7QW5QUG6S1V7NX0M63gkRIRlUeqsEc1iIiKWeD8VUMdtCpuns6F6NH8uJCe8MQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=040786244751487795136B7212E06270&google_push=AYg5qPJ3n0Mq4ydEzEFBcN2xwM1YpZ3nI0dBqk7E7QW5QUG6S1V7NX0M63gkRIRlUeqsEc1iIiKWeD8VUMdtCpuns6F6NH8uJCe8MQ

Request Chain 279

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJc_5yaqQ-567EYkM8PbcMk&google_cver=1&google_push=AYg5qPIf4864_GikikK8DGmfmZ5WNHMaz5cYxCBFJjdIxhvehCgsE4GTZO3lzpMTvTeuN77g2DdxcF923A_zl_h3izxPZMlbkMe_DA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjgxNDExMjkyMzA1NjI3MA%3D%3D&google_push=AYg5qPIf4864_GikikK8DGmfmZ5WNHMaz5cYxCBFJjdIxhvehCgsE4GTZO3lzpMTvTeuN77g2DdxcF923A_zl_h3izxPZMlbkMe_DA

Request Chain 280

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIojBJun4nf681Z2Ic685AM&google_cver=1&google_push=AYg5qPJCH1xlrsiDnBO1D_fC9igRLbAY01pRbRG3DwdJpTITaDMFfxwUE3P8Vrfwsq3XvEPTVZJ2h_XPDhIkuLsk9eN9iqrCLYo7QQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4g8JqqE4R5mKfJAxrqSjRg2&google_push=AYg5qPJCH1xlrsiDnBO1D_fC9igRLbAY01pRbRG3DwdJpTITaDMFfxwUE3P8Vrfwsq3XvEPTVZJ2h_XPDhIkuLsk9eN9iqrCLYo7QQ

Request Chain 281

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELSarXGwlH5yb3mA9muI7ZQ&google_cver=1&google_push=AYg5qPJemsQ9FVZb6tuozY9zigixLbOaKrMwkvF43hcJtAKA5KJfwWbL2UeFht2QBeib-E3bFXpJqJtmbZcl0rtqcA5Y6Z9qPvYR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJemsQ9FVZb6tuozY9zigixLbOaKrMwkvF43hcJtAKA5KJfwWbL2UeFht2QBeib-E3bFXpJqJtmbZcl0rtqcA5Y6Z9qPvYR&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D

Request Chain 282

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPK0TcE4BBEEpuy-7lpSVjda9hrztqFRu1LaR899py7Z8bRKesCykZQY_Ju0mUEJ1mp2V5nl0i83LIiUgA5Jx-ZT5pERx6XEtw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPK0TcE4BBEEpuy-7lpSVjda9hrztqFRu1LaR899py7Z8bRKesCykZQY_Ju0mUEJ1mp2V5nl0i83LIiUgA5Jx-ZT5pERx6XEtw

Request Chain 287

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKwWKIRthkt1-NuVgTr6pFt44SkcjeQwrE8BKr315rnbyJnyEzy140GJ36d1D5FW02b4W0eefFvz0mr0mbXeAViZE9iLM9Z HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKwWKIRthkt1-NuVgTr6pFt44SkcjeQwrE8BKr315rnbyJnyEzy140GJ36d1D5FW02b4W0eefFvz0mr0mbXeAViZE9iLM9Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXZzTkRjYnQxTTVFeGw1&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKwWKIRthkt1-NuVgTr6pFt44SkcjeQwrE8BKr315rnbyJnyEzy140GJ36d1D5FW02b4W0eefFvz0mr0mbXeAViZE9iLM9Z

Request Chain 291

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPKrTK2DJ1z6RcMiGlMdz4Izj4DDYvgxBqd4JEWIDVEqnvnut8i3nn68ORrBbphblm0e5rt4h0sKmsl4SgbQKAXD3QvKMKA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPKrTK2DJ1z6RcMiGlMdz4Izj4DDYvgxBqd4JEWIDVEqnvnut8i3nn68ORrBbphblm0e5rt4h0sKmsl4SgbQKAXD3QvKMKA HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=64218ce4-4c29-4390-81af-6cb3e21b2d8a HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=64218ce4-4c29-4390-81af-6cb3e21b2d8a HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a7fbe8fd-726b-4934-b533-e2b230ebc22f&user_group=1&ssp=google&bsw_param=64218ce4-4c29-4390-81af-6cb3e21b2d8a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKrTK2DJ1z6RcMiGlMdz4Izj4DDYvgxBqd4JEWIDVEqnvnut8i3nn68ORrBbphblm0e5rt4h0sKmsl4SgbQKAXD3QvKMKA&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

Request Chain 292

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPL2jwbDhSHY4pFdwtPL6jIJCIdxefhEs7rZ3qD0-Um_3NRMcdfyKwhOOIE44RDeg_UZ0A7EdJt3cIOSts0bi4cnIONbGckY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPL2jwbDhSHY4pFdwtPL6jIJCIdxefhEs7rZ3qD0-Um_3NRMcdfyKwhOOIE44RDeg_UZ0A7EdJt3cIOSts0bi4cnIONbGckY

Request Chain 316

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1Eoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPvwj56_8PECFf3REQgd3k4Pjw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1Eoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1Eoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_9948fc10-e8f9-11eb-ad65-692d0665ba09

Request Chain 335

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDkoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLLvlJ6_8PECFZXhuwgdrAwEow;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDkoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDkoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_99504f10-e8f9-11eb-90c7-692d06cd5c64

Request Chain 351

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1Eoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CP3vlp6_8PECFZbWdwodywABTQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1Eoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1Eoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_995901a0-e8f9-11eb-90c7-692d06cd5c64

Request Chain 373

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1&google_push=AYg5qPIkkmz8xof2uxYgr1yb7DYYSCZq5NGYaKJJUcOwJiENA8uyUjiJE3z6ca0r1tiXvAJvcCVLSV_XoVG-n6sl8b84lbEoGb5N HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwNDMxODI3NjY4MjIxNTIxMw== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1

Request Chain 374

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH81GGQmkFgq872mr0JeFec&google_cver=1&google_push=AYg5qPJmo7hudvPZLFoWn45SmZRzfglr5awWgwxEklrKMAcCoYveG1N0cFUSkUNPfXf418621Q3eYm9lUll21vjYoV3Mw68VtYBl HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJmo7hudvPZLFoWn45SmZRzfglr5awWgwxEklrKMAcCoYveG1N0cFUSkUNPfXf418621Q3eYm9lUll21vjYoV3Mw68VtYBl&google_hm=enayV4dehRbkrXsPpxU1pg

Request Chain 377

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECUYmgb8IvJtC6WDkLL6W1g&google_cver=1&google_push=AYg5qPL8T0fAKhq54JkXfwIYb83kOa-zwumz8AUmqfyKuy2x8c7WF3MnM8ybeNLki7zI76GpK-HseT40qB78UXr57c-_GI_MJEYg HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECUYmgb8IvJtC6WDkLL6W1g&google_cver=1&google_push=AYg5qPL8T0fAKhq54JkXfwIYb83kOa-zwumz8AUmqfyKuy2x8c7WF3MnM8ybeNLki7zI76GpK-HseT40qB78UXr57c-_GI_MJEYg&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=CeS5_K1CO6mHIRPMUsnOWg&google_push=AYg5qPL8T0fAKhq54JkXfwIYb83kOa-zwumz8AUmqfyKuy2x8c7WF3MnM8ybeNLki7zI76GpK-HseT40qB78UXr57c-_GI_MJEYg

Request Chain 378

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPL2xUhNfGvTBd-yj1J99MYApLg3tYGygUQK81bMDWyWYfB1KmN8lEK2iOALq9xmPMOd4DhDv-aLSnWetN3uB4m3P88divUP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL2xUhNfGvTBd-yj1J99MYApLg3tYGygUQK81bMDWyWYfB1KmN8lEK2iOALq9xmPMOd4DhDv-aLSnWetN3uB4m3P88divUP&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

Request Chain 379

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPIkl8Ql8TBIV0uFWXpm3UiTdvm8uB_8ew7zHm-93cGouHBandoOiKD6DHEGRsD7CfT3lfSJCqKQ7M-uSp5f1E-U0-RtjjII HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPIkl8Ql8TBIV0uFWXpm3UiTdvm8uB_8ew7zHm-93cGouHBandoOiKD6DHEGRsD7CfT3lfSJCqKQ7M-uSp5f1E-U0-RtjjII

Request Chain 388

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 390

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1&google_push=AYg5qPJteT55wHWXK9ChP5zCCg7VPDh5ZkAPUOWKmrsORpE0U9zqNvF_pzgDyBNEDhmbYdkE2r6pcS3k3MW1vj6yVmb_VpVIvojU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwNDMxODI3NjY4MjIxNTIxMw== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1

Request Chain 391

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKKfDTWLn5n4GamETXJTNtVKrkQCWAQwdGeivPwbX_cbNxdVGjmCQbI1l03M9ulgxuPX0CO1oLiOLSYit-nIrsZ3vVRhhjS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXZzTkRjYnQxTTVFeGw1&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKKfDTWLn5n4GamETXJTNtVKrkQCWAQwdGeivPwbX_cbNxdVGjmCQbI1l03M9ulgxuPX0CO1oLiOLSYit-nIrsZ3vVRhhjS

Request Chain 394

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJc_5yaqQ-567EYkM8PbcMk&google_cver=1&google_push=AYg5qPLkLUjvqg406NI38VKaa0DjiUPQX6Sd-TnABfu9y6PIwT_EjODb_rQlZ_DqpcXce5SwQ5vEGtmVuU1Pcs_qt8UwqqAZxbL9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjgxNDExMjkyMzA1NjI3MA%3D%3D&google_push=AYg5qPLkLUjvqg406NI38VKaa0DjiUPQX6Sd-TnABfu9y6PIwT_EjODb_rQlZ_DqpcXce5SwQ5vEGtmVuU1Pcs_qt8UwqqAZxbL9

Request Chain 395

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPIz7RZz4humFIT74j7e2XIgC3_c4h8e6A4UtBpo-5UiJGCmilduwOOo-VtrXu0H1tV_zi7W9ERRjvVVvqHhstbjgJwPuGiV HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=1871878971739229148&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIz7RZz4humFIT74j7e2XIgC3_c4h8e6A4UtBpo-5UiJGCmilduwOOo-VtrXu0H1tV_zi7W9ERRjvVVvqHhstbjgJwPuGiV&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

Request Chain 396

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELSarXGwlH5yb3mA9muI7ZQ&google_cver=1&google_push=AYg5qPLEsn22EiFweBbKKAH9x0bxp1fmG_6xfK-rgm8QDmd9IdazuDyMwKQkHRjW-zo-0zBMoSKOqzs1D3xKeDS2PLbutfYRmsQz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLEsn22EiFweBbKKAH9x0bxp1fmG_6xfK-rgm8QDmd9IdazuDyMwKQkHRjW-zo-0zBMoSKOqzs1D3xKeDS2PLbutfYRmsQz&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D

Request Chain 410

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1&google_push=AYg5qPJvqT9pJIiukxIFtD4xzvp1KnlDXyBd-I2YS6pT1lTJVnGH36vbIAfk3XvBNyxchV02MIaLVdvtCN_WbswMDSarULNE2c6z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwNDMxODI3NjY4MjIxNTIxMw== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1

Request Chain 413

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPIsnYSe0YJi6hirdoAv10xqtjZ6y7DYTqNh0lZQpl-a8MAVlcMQHVY9m6BwxFZitOOYM5wPTnpZGuJKjaQLmSe9yeDcYzM HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=68342755-c84b-4d36-b0f7-5564d0aec49e&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIsnYSe0YJi6hirdoAv10xqtjZ6y7DYTqNh0lZQpl-a8MAVlcMQHVY9m6BwxFZitOOYM5wPTnpZGuJKjaQLmSe9yeDcYzM&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

Request Chain 414

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELSarXGwlH5yb3mA9muI7ZQ&google_cver=1&google_push=AYg5qPLzseIeXNnv9Z7u5K77Id5mOD4r4OFBKjiBdO0AbOiJ9YbPAmdAk9jKoMcp4HHRMRpXT8Prhrpk8vmnQkmsI65ivu4gczQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLzseIeXNnv9Z7u5K77Id5mOD4r4OFBKjiBdO0AbOiJ9YbPAmdAk9jKoMcp4HHRMRpXT8Prhrpk8vmnQkmsI65ivu4gczQ&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D

Request Chain 415

https://d5p.de17a.com/cookies/google?google_gid=CAESEJl2TMT0Y5HthJPeSZyir9M&google_cver=1&google_push=AYg5qPJOSTgbOz2vF-RgwccoYRFOeL_x2Faru0S--d5g5ue283fAMJvartsK1pcgyO0kgjTOrrAQhDn-mF5XBWU--GWhOQsecvD6 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJl2TMT0Y5HthJPeSZyir9M&google_cver=1&google_push=AYg5qPJOSTgbOz2vF-RgwccoYRFOeL_x2Faru0S--d5g5ue283fAMJvartsK1pcgyO0kgjTOrrAQhDn-mF5XBWU--GWhOQsecvD6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJOSTgbOz2vF-RgwccoYRFOeL_x2Faru0S--d5g5ue283fAMJvartsK1pcgyO0kgjTOrrAQhDn-mF5XBWU--GWhOQsecvD6

446 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 812117-what-exactly-is-the-web-EDMGHW Show response
ja.pays-tarusate.org/ 49 KB
12 KB 75ms
34ms Document
text/html 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9ebfd96ff838aa6df9d085cd8036b2ce20e1e2d463c14fa85c2d4f77f1d959

Request headers

:method: GET
:authority: ja.pays-tarusate.org
:scheme: https
:path: /812117-what-exactly-is-the-web-EDMGHW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Wed, 21 Jul 2021 01:27:04 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhRVHp4dDvkA%2FN9SCCwf9tr4MDTI6NjJutrXz%2FL5lV5rls4C%2BNWzKYlZOu%2FX7kBuah4%2F14TzHDr1BLDFfvWflrxylN7aoDmbmqDZP7xK5xLyp%2BdJddDm9AJMWIKURyNY%2FTOcFVCnsYM96jjMnyrue1i3yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 671867acbf1c0631-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 51pb.min.js Show response
newrrb.bid/ 62 KB
18 KB 235ms
100ms Script
text/javascript 91.210.107.38
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.107.38 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 87ce9f34f4684d5ca1f6260a9202d46b88231ef1bfa7266318c69fdae2032fac

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:16 GMT
content-encoding: br
server: cloudflare-nginx
duration: 535209
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Tue, 20-Jul-2021 04:32:16 EEST

GET
H2 200 smrcp_19121001.js Show response
cdn.zx-adnet.com/adx/ 144 KB
19 KB 108ms
19ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 19 Jun 2021 15:44:43 GMT
x-timer: S1626744425.572888,VS0,VE1
etag: "5b3dfee603f4fa43f768bcdb3f5f4a2cdce1c019b73ecbe79f7cb0d0ca77d787-br"
x-served-by: cache-ams21053-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Tue, 20 Jul 2021 01:27:04 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19503
x-cache-hits: 1

GET
H3-29 200 what-exactly-is-the-web-app-version-what-does-it-affect.gif
pays-tarusate.org/content/jakarta/ 23 KB
24 KB 49ms
45ms Image
image/gif 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/jakarta/what-exactly-is-the-web-app-version-what-does-it-affect.gif
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0db786a9a0192d9e3651ea58c2d31f09e22a1c1bc1ab80847bf8f27da11e4c9

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23706
last-modified: Thu, 19 Nov 2020 19:59:51 GMT
server: cloudflare
etag: "5c9a-5b47b2bc2a883"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByGasbs1d5ok0TPgo8f25YQFWadfGMNJlytsy1qrJWLhF8y0%2FF62OxKvNFvx%2BoLMOFd9YkMNxf%2BLiHnq1VOihncygK6HcRhxfPMC9Z66hhJMhxkLOkAOxsGi%2FTip8Sh6ERbTrc231UDDrXiJnontYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4dfc05d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 email-decode.min.js Show response
ja.pays-tarusate.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
11ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.pays-tarusate.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ja.pays-tarusate.org
referer: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0b631f2035000005d0b8a87000000001
last-modified: Tue, 13 Jul 2021 12:14:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60ed83be-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdE5elgxEP5iM%2BkaAutSva1VZNmuKIoH940NpUE5aILDVP3cM54dvGvFZjcLkY8e9ruEVMFHYdSDWTG1v5Vxq43jdUKUA9Lo2bZsK0caFbEW9FoPkry5jzh3r5IcXKgm1MvfRryll2KTJfqEWapQSQQAnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 671867ad2db005d0-FRA
expires: Thu, 22 Jul 2021 01:27:04 GMT

GET
H2 200 projec777tback.org.1137286.js Show response
jsc.mgid.com/p/r/ 281 KB
75 KB 82ms
34ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7153fd6184c4659b3ad6c50a00b1585ee19c1718626c4f7efcb7014be8f83375

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 4862
cf-polished: origSize=287837
last-modified: Thu, 24 Jun 2021 11:04:47 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 3DESARKZQFQVXS62
x-amz-id-2: 8Y5lflhWG4tYUs8OdKO/0OY66kPao9SGr3uGYK8p52APmkti6GQq01/UcmTtpC57raBWUyRukpA=
cf-bgj: minify
server: cloudflare
etag: W/"a639adef423367c1592f51a0af5588ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 671867ad98990b4f-AMS
expires: Tue, 20 Jul 2021 04:27:04 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
29 KB 38ms
19ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67429
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 671867ad5cde4a91-FRA
cf-bgj: minify

GET
H3-29 200 blender-model-is-silver-metallic-grey-in-tabletop-simulator-and-doesnt-take-texture.jpg
pays-tarusate.org/content/blender/ 109 KB
110 KB 66ms
62ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/blender/blender-model-is-silver-metallic-grey-in-tabletop-simulator-and-doesnt-take-texture.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 557028ee75879f79780bfd235db572bb08cae47f75773aac12782605170f4cd0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 111637
last-modified: Thu, 19 Nov 2020 19:59:41 GMT
server: cloudflare
etag: "1b415-5b47b2b29848d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKOHnGUkk5sbUq4AXhdoueaCiZ5u4K7lJmbtmVeg%2FUjX0AVkapjFQqqa4YAvq2MAPd8HR9N1EKGOV%2Fu6LvbbWvcpue%2FZdwoFww56vvn01Duo%2B2QKgBazKl71iNkTUasA%2BmCk1Oq8LbcTBrHr%2FzyQvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4dfd05d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 java-jar-classnotfoundexception-even-though-dependent-library-exists-1.png
pays-tarusate.org/content/forge/ 192 KB
0 271ms
267ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/forge/java-jar-classnotfoundexception-even-though-dependent-library-exists-1.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 502193
last-modified: Thu, 19 Nov 2020 19:59:47 GMT
server: cloudflare
etag: "7a9b1-5b47b2b871630"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMYk4jr6TOtRPHd5jVREjXkUjSMdzSnDgujtzB67qq5rtdp1LyJRFqmIH5wK4fPX4ZBHCnexnxy2wJClE9SOKkOjMvD7HpxCfDFNZpx%2B%2B%2BI4D1MInhcBmaWZ8cn60BkQt8CCc1AZBOh8AtpTf18diA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4dfe05d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 unity-add-component.png
pays-tarusate.org/content/c/ 749 KB
750 KB 60ms
56ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/c/unity-add-component.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ecb7d95b7bc32a0170f0056f82d4a378026b81a36b7c2c06da6ae8b85ebf07f

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 767472
last-modified: Thu, 19 Nov 2020 19:59:43 GMT
server: cloudflare
etag: "bb5f0-5b47b2b4ceb3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xjYDBueJXdM1Ur4V5WElHYY7QdROgYMnR%2Fmp3NEjDp8DWPpvGIdBeHSsQosjgiYJaZ2nUlfI2tcxkK5%2Fvs1qQvLT3zWT%2F8RdRCCldOmxv%2F%2FR0pIkaIajYPSv1HHQsvgA59ymE5ZFFtF6p%2BwQZpY4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e0005d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 is-it-possible-to-make-a-game-controller-vibrate-using-xcode.jpg
pays-tarusate.org/content/ios/ 76 KB
77 KB 53ms
50ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/ios/is-it-possible-to-make-a-game-controller-vibrate-using-xcode.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cce0c71fdc40f9301047e0cb73a319ed9d2b738587685e98f2014b7c8ad653e

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 78174
last-modified: Thu, 19 Nov 2020 19:59:51 GMT
server: cloudflare
etag: "1315e-5b47b2bbd0afb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPHvrViWXRt9X%2B1aOkOnZXs6ZgPLlqjKEpfajoAmPMkP51NeR42gPOZkAgjTdMByYzeLv7JOkMdLXkkaIjzJ4Iq0CHqAjSxYaEftUx2TBGH7jlB5vMHYjGSNQyp7GejdimRZgxxJN4J0OY09bLY4hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e0205d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 sprite-disappears-in-scratch-even-when-touching-another-sprite-4.png
pays-tarusate.org/content/sprite/ 42 KB
43 KB 50ms
46ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/sprite/sprite-disappears-in-scratch-even-when-touching-another-sprite-4.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e20c46ec448db624c5a34087e6ef93581cdbd16c7f36973a21b22b997061bd4

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43295
last-modified: Thu, 19 Nov 2020 20:00:02 GMT
server: cloudflare
etag: "a91f-5b47b2c61f6a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLHID6t31Hx0wV8PgCSZrcaZgN8TbwA6C3JE9CdTOQYWqcHqo24zRbX0DZFmUnWrZr7ixrPNbfqFpkdxTRe2ebXwrQz9Za7ssMOQQ7vUQMD5Yf7YX85GUsSgXnfNiS3vcK1j%2FAebi%2FtwjHAQmPJXiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e0305d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 embed-a-pyplot-in-a-tkinter-window-and-update-it.png
pays-tarusate.org/content/python/ 242 KB
242 KB 48ms
44ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/python/embed-a-pyplot-in-a-tkinter-window-and-update-it.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbecc29bf0b52316521292577d50f86832d66c75d8593b120227ccb5baad5cd5

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 247464
last-modified: Thu, 19 Nov 2020 19:59:58 GMT
server: cloudflare
etag: "3c6a8-5b47b2c2385eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkjDvmedcID4JYTJiuwEa%2BpEWd2T%2FFPcHtwZr3oUDZR6U0WumZH1PBro6zaZGbGuv7eTvACbrkNbAAk2ysBEpF01Sq14PNYP5gblipwDiDGdjbdfCs6tKUWS1lDnxYYgTPFaKpQKztc4hXaHaPgQJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e0505d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 setting-package-wide-logger-level-via-logger.jpg
pays-tarusate.org/content/java/ 92 KB
93 KB 79ms
76ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/java/setting-package-wide-logger-level-via-logger.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 844e4b7f3e584f7c1cf0763ed7c67cde6a7aa158c95ca8c62e1b870f11f47ce1

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 94113
last-modified: Thu, 19 Nov 2020 19:59:52 GMT
server: cloudflare
etag: "16fa1-5b47b2bcc4d51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nhun5BgxUOLGx%2BqVSeWyQUV%2BdQcXgP9kKRYya3uMwVNes7fCMhoV56qUp8Qp%2BgJcKbYIA6TiWhy6Cb0z%2FxCckM6dZRePTvtOHzWzDSs%2F2rAMVnDZGmV%2BkQnYTcq8w04e1mUDlXXfK7P5qwjIc1T1%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e0605d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 how-to-trap-the-expand-event-in-jquery-treetable
pays-tarusate.org/content/how/ 796 KB
797 KB 31ms
28ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/how/how-to-trap-the-expand-event-in-jquery-treetable
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 718ab98005b379d798d724e8a0da9876d9a66dc91250401c2462190e3fe23056

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 19 Nov 2020 19:59:49 GMT
server: cloudflare
etag: "c7131-5b47b2ba02c33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ys4uemSG%2Bsaqkf2VBDjikgSAhuUu46fb2vSRHVleAGeOPk5l4YzZEbLPyhWk8xGOTk6h1VJwtqJ1e334p6%2BcPTseN7Qenc8BzjzWTogogp7%2BeOnJioFfpJ221odzF%2FcGMs86XjEewzvtO1B3nn3XOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 671867ad4e0705d0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 815409
expires: Tue, 27 Jul 2021 01:27:04 GMT

GET
H3-29 200 android-couldnt-load-foo-findlibrary-returned-null-2.png
pays-tarusate.org/content/android/ 610 KB
610 KB 802ms
798ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/android/android-couldnt-load-foo-findlibrary-returned-null-2.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 437f527e3afbabea46c842051b2962ebda658a36dd52cf0754f9bacd0a39b5b4

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 624165
last-modified: Thu, 19 Nov 2020 19:59:39 GMT
server: cloudflare
etag: "98625-5b47b2b085fff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AC8NGVOx7ZULYxxPtXydXF7VZGCPReMlgUbISjmBdwwvrXDwzHoIHtTLsa3CuxbCK8mu8gAYVGkvVUj4v5%2FIoxtauJC3z0NNrHhJQDYcgXDMNmzvWLDcE7pn2pkXzzApS8XEqPtC6%2BPi7CVCINx%2BYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e0805d0-FRA
expires: Wed, 20 Jul 2022 01:27:05 GMT

GET decfloat-error-in-db2.jpg
pays-tarusate.org/content/toad/ 0
0

GET
H3-29 200 javafx-2-0-and-qt-for-cross-platform-application.jpg
pays-tarusate.org/content/java/ 20 KB
21 KB 94ms
90ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/java/javafx-2-0-and-qt-for-cross-platform-application.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebf1d07df520dc7604f9ac09f0025dce4ddb486b88a5dbce672e60c4fe79784

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20536
last-modified: Thu, 19 Nov 2020 19:59:52 GMT
server: cloudflare
etag: "5038-5b47b2bca2a6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqXaOEhL1ZZ4zXEc7Bjzp34ESE8rc2seXRyialzV5fU8vKaIIpTgEsexHlxEt02nsiMFswmmy%2FKw%2BcfaGQ60P%2FH%2FbKMgvvZfOqdKccLrQo4Ej2IBQ4%2Fu8xdagr4WN9eXf96dxQzjooOGQQgSFT5HYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e0a05d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 how-to-manipulate-eulers-number-in-matlab.jpg
pays-tarusate.org/content/how/ 64 KB
0 474ms
471ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/how/how-to-manipulate-eulers-number-in-matlab.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 76877
last-modified: Thu, 19 Nov 2020 19:59:49 GMT
server: cloudflare
etag: "12c4d-5b47b2b9bf60d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrtdJptB%2BlkdkavgVXo0kkXGlKVgmNzo9ERINyMA1UZEaYVvo5olcOpMCYVrD3wKVTiMMdR%2Fxm%2BTJzWKcy41Q4EjMEYzaXHGsNfWv8D4FLWUepn0%2FqzV%2BsuhEvZbsvqmLVR%2BdAC6W6NCEML5XPta7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e0e05d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 unable-to-login-in-putty-using-ssh-mode-throwing-fatal-error.png
pays-tarusate.org/content/cygwin/ 320 KB
0 156ms
153ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/cygwin/unable-to-login-in-putty-using-ssh-mode-throwing-fatal-error.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 364198
last-modified: Thu, 19 Nov 2020 19:59:46 GMT
server: cloudflare
etag: "58ea6-5b47b2b72d294"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPYhQowjC%2F5cYYmI9b9OF2Jr2Re9xuWQHqiLO9yj%2FPMbPZ55h02VxKCngRcgJNyxXOMLTmwLU%2BWuxm1h7nxIf5gHmvtu9SiwHSt927yW4iSe7pSwv24JxewQReB%2Bvii0s4MRLftf%2BuVNfheRWnxCzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e0f05d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 error-adding-gesture-to-visual-gesture-builder-frame-source-with-kinect-v2.jpg
pays-tarusate.org/content/c/ 64 KB
0 385ms
381ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/c/error-adding-gesture-to-visual-gesture-builder-frame-source-with-kinect-v2.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 67644
last-modified: Thu, 19 Nov 2020 19:59:42 GMT
server: cloudflare
etag: "1083c-5b47b2b3bf367"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAZULmUW5RilxD6WuLd165DUopjRjBureOiMmvohbDfegHw2PHpeS8BM0s6XrK0mZx8EdUHcmeEGWW7W67OyuxI0ICAZQ6iEqxiE9U2%2FBIWCaDb5OH%2FCcTj95%2FQw7SpnTV5omA5ggs8vngztUW%2BwiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e1105d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET not-able-to-delete-text-in-an-excel-cell-closed-2.png
pays-tarusate.org/content/not/ 0
0

GET
H3-29 200 exact-quran-font-with-thajweed-ios.jpg
pays-tarusate.org/content/exact/ 96 KB
97 KB 106ms
102ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/exact/exact-quran-font-with-thajweed-ios.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 254d12de2ddfa131be825d2aa029152e749c2b92230327c20b4c22c6f075d8ed

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 98648
last-modified: Thu, 19 Nov 2020 19:59:47 GMT
server: cloudflare
etag: "18158-5b47b2b809de7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUYHU8OY0XGMjLQ8sveJfsK8OPrKuO4R2y5fq9iqG9QRgtJo9IgCaizwp5bA3VpeQ4OGi3Wn26ujcOlAznxfUXNckZJChIwLde%2BAGGPJnE4q43UoDkvBM2Rfve04itSd3m0O0MSoHqAivhlqybmiVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e1305d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET
H3-29 200 intel-app-framework-2-2-in-android-5-webview-cannot-allow-clicking-on-any-link.jpg
pays-tarusate.org/content/intel/ 57 KB
57 KB 426ms
423ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/intel/intel-app-framework-2-2-in-android-5-webview-cannot-allow-clicking-on-any-link.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b599171e55f10f8ffebfa1e2b116d9858ecf71cda0affabe99bd16b651855ae8

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58116
last-modified: Thu, 19 Nov 2020 19:59:51 GMT
server: cloudflare
etag: "e304-5b47b2bbab938"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxEa1GnJGqjzkcBmHC4SHzkmepQG6tN0umBvEZ3k47%2Ba8pMVoJ9eoUdg7SyXXEZCQmniGh%2BnqCz5ikS6FCSINfCKzve94T%2FN9R5Ocd%2FWo3OYZ6TCUY%2BNMYl19Pm6TRUeAoOyQdgcS%2BRR8KuViOXQAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e1405d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET how-can-i-change-the-edge-line-color-when-using-the-fill-function-in-mathematica.jpg
pays-tarusate.org/content/plot/ 0
0

GET
H3-29 200 how-external-merge-sort-algorithm-works.jpg
pays-tarusate.org/content/sorting/ 54 KB
54 KB 488ms
484ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/sorting/how-external-merge-sort-algorithm-works.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0fd3ba289d7cec5ac46a21320519b6e6cdf1d90b05f390c834051ef62c48b49

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 54813
last-modified: Thu, 19 Nov 2020 20:00:02 GMT
server: cloudflare
etag: "d61d-5b47b2c5fd3bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDqLG7Dgn7%2Flgb0WnZgjZzNkqXe%2B5elEN3gdBFO38wtInL6trLHNvo5jUOh3DXzjbJnty9SHVkj6w1p%2F0kNOYpm2gvjl5ohxtK1LS9gd2WduSzScmTrmsdN9zZ%2FW1EUVokP2dhHb3KNWTXXdsBbHWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671867ad4e1605d0-FRA
expires: Wed, 20 Jul 2022 01:27:04 GMT

GET fresnel-diffraction-in-two-steps-3.png
pays-tarusate.org/content/matlab/ 0
0

GET undo-line-ending-changes-in-git.jpg
pays-tarusate.org/content/undo/ 0
0

GET
H2 200 general_style.css
pays-tarusate.org/template/pays-tarusate/css/ 4 KB
946 B 31ms
14ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/general_style.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9940a1698476f6f9aa2a8ca09e88666263154aa86a72bf473947f0f09793b

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1099107
cf-polished: origSize=5657
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"1619-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjYFrSYpRXENOOULeG1ItIOIgxmRZ8HUesdsewN4uowBMjt1ddB9pKyaQ8MI003u84dzknPRIo6KPxd6Pta%2BhXfpB1UsjyAU6XHjdRDZcuchz9iiNtP7b0eD8huqlJ1%2BhP2ERZ7gM5OgmBxp9VKk5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671867ad1f6a0631-FRA
expires: Wed, 21 Jul 2021 08:08:37 GMT

GET
H2 200 main_style.css
pays-tarusate.org/template/pays-tarusate/css/ 28 KB
5 KB 36ms
19ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/main_style.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7843eb6f53c01e1a367592f612780f02ceea172368acf5266f618e94848247e

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1068483
cf-polished: origSize=34819
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"8803-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQKOxuJJYn1DYqmRUaTUXoDfbQ2b%2B1iJs9%2Bm1K8XiGRtmFBuPNLrmYgPFg9vJIH6ubXHpP400QImIwf1Xxr12pGzOV06IowTsnjBpVQCEyMTl0qHRjIP%2FBMz18VEEhD%2BH8dwefmruRZQk5QPCnmvPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671867ad1f660631-FRA
expires: Wed, 21 Jul 2021 16:39:01 GMT

GET
H2 200 reset_style.css
pays-tarusate.org/template/pays-tarusate/css/ 662 B
644 B 29ms
13ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/reset_style.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353b2e68c0aeefe645d21343a30f43420cf68526a44536b90ffff8d48539a2db

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1068483
cf-polished: origSize=849
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 07 Jun 2018 18:00:00 GMT
server: cloudflare
etag: W/"351-56e110d49e800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7gnZhYUCP%2BMZ1swi77pmdEKkUEYFkhWMKczmSQwbM5ZEa%2B5NFAsr7bzI%2B1l0VAY6yFkAA9CH0aRTkE85AZCmLt2uRmsiM4vFVgA0njjhnvBJELzxvSUDu%2Bi2I6R3eX5LJBy7C3THY72J%2BoLnQcvxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671867ad1f690631-FRA
expires: Wed, 21 Jul 2021 16:39:01 GMT

GET
H2 200 font-awesome.min.css
pays-tarusate.org/template/pays-tarusate/css/ 30 KB
7 KB 30ms
14ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/font-awesome.min.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f6ec9192f604e9bec7a38f4d2b2ad5e81184c05a5395d131de6c7129f9f1314

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1007929
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 07 Jun 2018 18:00:00 GMT
server: cloudflare
etag: W/"789c-56e110d49e800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tG2eWGgdouaoZLurmP5S5RlHgBjBUXm%2FpqhXAGONFgrP%2F%2BkqSENuHIyTUFNOXOqE9BkK9umk4NjsRfug%2BtZIg0uBWXrSr1bBk%2FTHr%2BjY5klTDqRwN6WLiSTQ1t8r5O8KeskuVPwwBB3mMmDJRsBvBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671867ad1f6d0631-FRA
expires: Thu, 22 Jul 2021 09:28:15 GMT

GET
H2 200 adv.css
pays-tarusate.org/template/pays-tarusate/css/ 61 KB
42 KB 31ms
15ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/adv.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 833397
cf-polished: origSize=62935
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 17:45:24 GMT
server: cloudflare
etag: W/"f5d7-5bd46592ababf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7UAf2BI0iSXGdhPL5b1H1YZY2h3DnLhNE0MEq4fj02UgsmF1zAVokd5PB1gk1J8Vlm9WCYPW0z15Rta5Dic%2B33qaN%2FFZVDDut3SDk9K95tpJZ0FTwCHmgykldxY5HwOK9toTVrNJ0ym2I4B0Nb9bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671867ad1f6f0631-FRA
expires: Sat, 24 Jul 2021 09:57:07 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 95 KB
35 KB 38ms
22ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/jquery-1.12.4.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 128332
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 07 Jun 2018 18:00:00 GMT
server: cloudflare
etag: W/"17b8b-56e110d49e800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRdNK3uNIPdXlA2xlyBbepY5xopm04zCxYZ9Joop%2B%2FmFbnYEBUkRfuqICKgAbUDatA%2FSdcuFbjQ%2B8PGP9tmHl4MByAHuOnJX9kpFbKvb%2FvUFZ7NwA1Ze%2FrLCYj2LAkb%2FJY3ThzgAoGQT%2Bj%2B3YDeYfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 671867ad1f710631-FRA
expires: Sun, 01 Aug 2021 13:48:12 GMT

GET
H3-29 200 script.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 4 KB
2 KB 21ms
17ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/script.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34c9c13f7373cddd250356f30473709aeae3cdc2d56a5afdeb113b3033c33ea2

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 833397
cf-polished: origSize=5177
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"1439-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ujpeb2jcykIUYh5zt3%2BwrgK8gK3SqLjpgU%2F9xo8WPSrN%2FyJCnrIk76v4BlZHYgnGrXzEMUumFgb4XAOQtp7Rwb%2FhgBHSer%2FmW4l42wxpJYV6QLj6SrCrN2EpzXbQbOTxYMasjeE2qEQlsVuHamCKHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 671867ad4df705d0-FRA
expires: Sat, 24 Jul 2021 09:57:07 GMT

GET
H3-29 200 jquery.zoom.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 4 KB
2 KB 24ms
20ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/jquery.zoom.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbac863d2fb5589d11c75ddf028189eb39d22ec3496440cbbdf2b4ce7fe82d53

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 833397
cf-polished: origSize=5948
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 25 Apr 2018 18:00:00 GMT
server: cloudflare
etag: W/"173c-56ab00a1cc800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ftf4o8jx6YHopUQMUkoM0Zw4sgEkPwUlpc%2BRfRWnA%2F15%2BkoJjy8UguvIZPGQ4UQpVrZjrg%2FC%2FH%2FUK3thFjv8hbuiLorGG6CJE%2FCbkvHsqIDI5SdBy6XXUFLBq1SymtrAzb2vzytbi4yOHvPb9NVuvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 671867ad4dfa05d0-FRA
expires: Sat, 24 Jul 2021 09:57:07 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
1 KB 11ms
5ms Stylesheet
text/css 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 12836
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1299
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by: cache-fra19133-FRA
date: Tue, 20 Jul 2021 01:27:04 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 12ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 25553
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6756
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
x-served-by: cache-fra19133-FRA
date: Tue, 20 Jul 2021 01:27:04 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK adManager.js Show response
cst.cstwpush.com/static/ 59 KB
60 KB 90ms
21ms Script
text/plain 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

a33f0dff45ec00a74d89c8c07a2dd118b32b6e09e76f1286a0496fa3f7a50a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:04 GMT
Connection: Keep-Alive
Last-Modified: Mon, 05 Jul 2021 13:26:07 GMT
x-amz-meta-s3cmd-attrs: atime:1625491551/ctime:1625491551/gid:0/gname:root/md5:5de93a180df83ffef4bb6a1b8e4202e7/mode:33188/mtime:1625490829/uid:0/uname:root
x-amz-request-id: tx000000000000000d263ec-0060f61db2-14427cb1-fra1a
etag: "5de93a180df83ffef4bb6a1b8e4202e7"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1626744424.dop149.fr8.t,1626744424.cds270.fr8.shn,1626744424.cds270.fr8.c
Content-Type: text/plain
Cache-Control: max-age=1375
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60430

GET
H2 200 / Show response
load02.biz/ 20 KB
20 KB 92ms
29ms Script
application/javascript 143.198.248.64
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.198.248.64 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d2af0d76b7e06d612af0667915d73c075cbf16fc7019482a9a1678c89734b5b8

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:27:04 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-2.2.1.min.js Show response
code.jquery.com/ 84 KB
29 KB 29ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.1.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2016 19:11:56 GMT
server: nginx
etag: W/"56cb5d7c-14e7e"
vary: Accept-Encoding
x-hw: 1626744424.dop129.fr8.t,1626744424.cds254.fr8.hc,1626744424.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29882

GET
H3-29 200 jquery.unveil2.min.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 3 KB
2 KB 27ms
23ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/jquery.unveil2.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 585174
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 18 Dec 2017 18:00:00 GMT
server: cloudflare
etag: W/"b2e-560a11e6cc800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQqT87l5sE6uT2x4RBC0WReV2mJrexCCG5sneUMzCjgUWkbf8obmRq%2BBkY2ynT95BEfPOLxbLOkIgYm7MKNUXVU2o%2Bxkh2feRgYEdh%2BaWkSLDEPT26wSyOk4G4YL%2BuJitjgLeLRGam5QD08MMMB%2F0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 671867ad4dfb05d0-FRA
expires: Tue, 27 Jul 2021 06:54:10 GMT

GET
H2 200 TnrAdwhuY34 Show response
www.youtube.com/embed/ Frame 1BD6 53 KB
22 KB 56ms
55ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09e576d471f4e31ce03c407945a63e9c4e3a8055ba4c1f586b1419a73534fd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 20 Jul 2021 01:27:04 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=NnJCVnJcTZI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=daEC7uwp5yo; Domain=.youtube.com; Expires=Sun, 16-Jan-2022 01:27:04 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+425; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 37ms
18ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10297871
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 671867ade9284ec2-FRA
cf-bgj: minify

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/e6f52918/ Frame 1BD6 324 KB
45 KB 17ms
13ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e6f52918/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d815775f36de7cf811a67054ef9b292cf0b7730c61faba018c5756fda850f136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 15:44:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 19 Jul 2021 00:37:54 GMT
server: sffe
age: 34935
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45807
x-xss-protection: 0
expires: Tue, 19 Jul 2022 15:44:49 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/e6f52918/www-embed-player.vflset/ Frame 1BD6 193 KB
64 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e6f52918/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f615b1fabd2cf1d98aaf41bdfd08132dffd9fc1dc18ab64405dbb46dd485ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 15:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 19 Jul 2021 00:37:54 GMT
server: sffe
age: 34942
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65187
x-xss-protection: 0
expires: Tue, 19 Jul 2022 15:44:42 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/ Frame 1BD6 2 MB
490 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b9a7b2512dad43e54d0dc283f63b529e7eecb9e3114e402c262a1546cb8fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 15:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 501395
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 00:37:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 15:46:42 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e6f52918/fetch-polyfill.vflset/ Frame 1BD6 8 KB
3 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e6f52918/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 19 Jul 2021 00:37:54 GMT
server: sffe
age: 852
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Wed, 20 Jul 2022 01:12:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1BD6 15 KB
15 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 14383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 21:27:21 GMT

GET
H3-29 200 css.css
pays-tarusate.org/template/pays-tarusate/css/ 24 KB
2 KB 14ms
12ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/css.css
Requested by: Host: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/general_style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 173649a681fd076c6a1564df9b0a423ea7d401d8e982950feeeb9b0d1ff1f1d7

Request headers

Referer: https://pays-tarusate.org/template/pays-tarusate/css/general_style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 382999
cf-polished: origSize=30154
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"75ca-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmhCgg5AP6LQD8WMZjLOeTxDXyvzsxYAtB97aKDGJpcAzd3%2BjEZ%2FlgiW%2BunguFbTgKIt98RBB0R0tQab0ZWiYk%2FHNQ3Y3c01M%2FTDcd3Wy1ADY8poURrVHQidfMqj0%2BzkeQNnTpxaCxry4HcLjsW5ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671867adeeae05d0-FRA
expires: Thu, 29 Jul 2021 15:03:45 GMT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
230 B 20ms
19ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 19 Jun 2021 15:44:43 GMT
x-timer: S1626744425.639515,VS0,VE1
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-ams21053-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Tue, 20 Jul 2021 01:27:04 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 00:42:21 GMT
server: ESF
date: Tue, 20 Jul 2021 01:27:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 01:27:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
619 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 00:27:45 GMT
server: ESF
date: Tue, 20 Jul 2021 01:27:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 01:27:04 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
281 B 121ms
119ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&src_id=id-RG9uYWxkIEpvaG5z-language-ja&cbuster=1626744424674742078538&uniqId=05499&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&lu=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&pageView=1&pvid=17ac18608e3a8495a59&site=713537&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 671867ae491a0b4f-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 29ms
28ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 166
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 26D5PESFJ3W3C6DA
x-amz-id-2: eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 671867ae49200b4f-AMS
expires: Wed, 21 Jul 2021 01:27:04 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
881 B 29ms
27ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 166
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 671867ae491d0b4f-AMS
expires: Wed, 21 Jul 2021 01:27:04 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET KFOlCnqEu92Fr1MmWUlfBBc4.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET KFOmCnqEu92Fr1Mu4mxK.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET
H3-29 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.pays-tarusate.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:20:02 GMT
x-content-type-options: nosniff
age: 22022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 19:20:02 GMT

GET
H3-29 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.pays-tarusate.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 11:00:01 GMT
x-content-type-options: nosniff
age: 570423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17004
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 11:00:01 GMT

GET
H2 403 1
servicer.mgid.com/1137286/ 0
0 72ms
70ms Script
text/html 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1137286/1?pv=5&src_id=id-RG9uYWxkIEpvaG5z-language-ja&cbuster=1626744424885373050608&uniqId=05499&niet=4g&nisd=false&w=1066&h=319&p3_w=344&p3_h=259&maxw_3=344&maxh_3=259&cols=3&ref=&cxurl=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&lu=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&pageView=1&pvid=17ac18608e3a8495a59&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW;0.25432630450759985
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW;0.25432630450759985

43 B
528 B

54ms
54ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW;0.25432630450759985

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:06 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 19 Jul 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:06 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW;0.25432630450759985
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 19 Jul 2020 21:00:00 GMT

GET
H2 200 1930 Show response
na.nawpush.com/tags/ 242 B
352 B 58ms
18ms XHR
application/json 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1930
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9126834120804b4123a5239704a7673e4a9b121611f9446b0767f085d412411e

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:27:04 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79aa2ea675fee615ed72d18532ada370afa3486a35a0d3e367c81dbbc679ab4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48349
x-xss-protection: 0
server: cafe
etag: 2378802026447261366
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:04 GMT

GET If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET 0QIgMX1D_JOuO7HeNtxumg.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET 0QIvMX1D_JOuMwr7Iw.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET KFOlCnqEu92Fr1MmSU5fBBc4.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET KFOlCnqEu92Fr1MmEU9fBBc4.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 223 KB
71 KB 152ms
51ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 10:21:03 GMT
etag: "60ec4755-11a70"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72304
expires: Tue, 20 Jul 2021 02:27:05 GMT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
390 B 200ms
199ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 65
x-served-by: cache-ams21053-AMS
server: Google Frontend
x-timer: S1626744425.121037,VS0,VE181
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: bac4182378f9fd60da44973a586a1c3c
cache-control: max-age=3600,public
function-execution-id: 7v99y3ru0orc
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: BE
x-cache-hits: 0

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1BD6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

22ms
21ms

XHR
application/json

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a342c8a21235b45f1578d15ac7b157b7d46a0217b603ba07561bdffe21a8a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 01:27:05 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1BD6 29 B
91 B 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e6f52918/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:25:38 GMT
x-content-type-options: nosniff
age: 87
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:40:38 GMT

GET
H2 200 51pb.json Show response
newrrb.bid/ 48 B
226 B 175ms
58ms XHR
application/json 91.210.107.38
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.json?stat=%5B%7B%22t%22%3A%22start%22%2C%22extra%22%3A%7B%7D%2C%22ts%22%3A88%7D%5D&url=&v=2.2.3-c5cc624&r=8d0n4rp3lh&referrer=
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.107.38 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 4545f44ba1d4ce843af8dba9d9736cce7d0ad2bbc089f835d98af3e6bc4e1e70

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:27:17 GMT
content-encoding: br
server: cloudflare-nginx
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json

GET JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/ Frame 1BD6 95 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

906272cf05450a1cb628be7e401c7ab9ab0c5fd39abfc48548056c5d22f5db24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 15:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 19 Jul 2021 00:37:54 GMT
server: sffe
age: 34823
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
expires: Tue, 19 Jul 2022 15:46:42 GMT

GET
H2 200 nZ7sQi4G6uBmPYnpMCxw_tLMvfO27vM8eyHYvEnOBq0.js Show response
www.google.com/js/th/ Frame 1BD6 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/nZ7sQi4G6uBmPYnpMCxw_tLMvfO27vM8eyHYvEnOBq0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9eec422e06eae0663d89e9302c70fed2ccbdf3b6eef33c7b21d8bc49ce06ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 16:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13316
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 16:26:55 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/ Frame 1BD6 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40577c03222b03f1997d4dadf4ac6410e9abc2712affe36689e35bc6415ba51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 15:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7481
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 00:37:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 15:47:19 GMT

GET
DATA 200
OK truncated
/ Frame 1BD6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTGTz3VYjFJ6kR0cBJUXmG2tofI4cM_A4-np0vK=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1BD6 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTGTz3VYjFJ6kR0cBJUXmG2tofI4cM_A4-np0vK=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2ce4f43295ac30f1d982a3888930d3a0462c2cdf80354bc10219c6ba7c9543a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:20:06 GMT
x-content-type-options: nosniff
age: 419
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2074
x-xss-protection: 0
server: fife
etag: "v16"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 21 Jul 2021 01:20:06 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/TnrAdwhuY34/ Frame 1BD6 10 KB
10 KB 52ms
52ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/TnrAdwhuY34/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35cced6b7c30562db59f723a5b4953ccf1c6406485e3b1772e717e50ff096b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
vary: Origin
server: sffe
x-content-type-options: nosniff
etag: "0"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9962
x-xss-protection: 0
expires: Tue, 20 Jul 2021 03:27:05 GMT

GET
H2 200 51pb.json Show response
newrrb.bid/ 48 B
225 B 58ms
58ms XHR
application/json 91.210.107.38
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.json?stat=%5B%7B%22t%22%3A%22loaded%22%2C%22extra%22%3A%7B%7D%2C%22ts%22%3A779%7D%5D&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&v=2.2.3-c5cc624&r=8d0n4rp3lh&referrer=http%3A%2F%2Fno.domain%2F
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.107.38 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: eaeff6a49c1ef81454d8e2fbcac740d2f7cab5730df455a2ea05357fb425a16e

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:27:17 GMT
content-encoding: br
server: cloudflare-nginx
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame E651 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210712/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:29:55 GMT
expires: Mon, 02 Aug 2021 03:29:55 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 79030
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 6 KB
3 KB 58ms
18ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: 11995232de4f3d1a0e964186801525fb5d85f20e4e47bc98338648d14520e5e4

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 20 Jul 2021 02:27:05 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 179 B
387 B 35ms
15ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f447ccc0903fd8acfb81382eb38bef521e9b93ab7effb55f35e1e33f89820eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 671867b42a7f4e0e-FRA

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9339.vyI1KTjhH78E6vyem4fx9Q_62YkI6J_XdXfFczUF5nw61A8lNTILdtgQVqhgrz-Q.UDK6SNzQabSISy-I5f55QyyedAI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9339.cijg3kwgJQjyOUQ0CFS1mMB4TtedmOOUTW0jV4Xo3rBWgRXHY54zsKFT7nTnSuHpAZlzoD9CH-CiDigyde8EyQ%2C%2C._C0FALZuKz3KROaX0RU1CJl6FCM%2C

75 B
75 B

56ms
56ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9339.cijg3kwgJQjyOUQ0CFS1mMB4TtedmOOUTW0jV4Xo3rBWgRXHY54zsKFT7nTnSuHpAZlzoD9CH-CiDigyde8EyQ%2C%2C._C0FALZuKz3KROaX0RU1CJl6FCM%2C

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9339.cijg3kwgJQjyOUQ0CFS1mMB4TtedmOOUTW0jV4Xo3rBWgRXHY54zsKFT7nTnSuHpAZlzoD9CH-CiDigyde8EyQ%2C%2C._C0FALZuKz3KROaX0RU1CJl6FCM%2C
date: Tue, 20 Jul 2021 01:27:05 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 50ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
last-modified: Thu, 15 Jul 2021 10:21:03 GMT
etag: "60ec4755-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Jul 2021 02:27:05 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.pays-tarusate.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 566824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 12:00:01 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1BD6 4 KB
2 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:05 GMT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 19ms
19ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 19 Jun 2021 15:44:43 GMT
x-timer: S1626744426.849707,VS0,VE1
etag: "acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by: cache-ams21053-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Tue, 20 Jul 2021 01:27:05 GMT
accept-ranges: bytes
content-length: 67025
x-cache-hits: 1

GET
H3-29 204 generate_204
www.youtube.com/ Frame 1BD6 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?7Ru1FA
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.pays-tarusate.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 25241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:24 GMT

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 19ms
19ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 19 Jun 2021 15:44:43 GMT
x-timer: S1626744426.094392,VS0,VE1
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-ams21053-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Tue, 20 Jul 2021 01:27:06 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 69 KB
24 KB 87ms
32ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

1e1d90836d85ed4726d6bce8ac1844407f5f70d9861f3c58b3d1052443e7f641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 945 of 1000 / last-modified: 1626732543"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24189
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e5e95d142f8aac59f9a58ce36d5598a81301dbf5bd8b99f2fbe2bee765b73d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 585 of 1000 / last-modified: 1626732643"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24895
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
174 B 60ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.3192088828566355

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.8236504725665907
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

56ms
55ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.8236504725665907
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.8236504725665907
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 61ms
51ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.7744884057871757

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.940748442854118
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

51ms
50ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.940748442854118
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.940748442854118
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 63ms
53ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.6948295018395596

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.9593633804855035
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

58ms
58ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.9593633804855035
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.9593633804855035
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 61ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.9299653994031813

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.29151087827467204
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

65ms
64ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.29151087827467204
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.29151087827467204
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 76ms
66ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.22555191733229507

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.35412224164900863
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

51ms
50ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.35412224164900863
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.35412224164900863
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 67ms
57ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.8391278136773861

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.00049443250724...
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

56ms
56ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.0004944325072451239
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.0004944325072451239
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
119 B 63ms
53ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.15605096622600145

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.8739142684016856
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

52ms
51ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.8739142684016856
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.8739142684016856
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 67ms
58ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.6610053205384072

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.3968526578011191
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

61ms
52ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.3968526578011191
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.3968526578011191
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
119 B 111ms
103ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.6220648742744295

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.48657744064902797
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

65ms
55ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.48657744064902797
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.48657744064902797
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 119ms
110ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.9538491903165245

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.2453023818165736
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

60ms
55ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.2453023818165736
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.2453023818165736
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 114ms
106ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.1522401111212237

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.8259926098823969
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

73ms
60ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.8259926098823969
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.8259926098823969
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 111ms
103ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.3621895135061899

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.22950167622596873
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

58ms
58ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.22950167622596873
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.22950167622596873
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
92 B 107ms
99ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.4794137013501074

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.39673992020352755
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

66ms
60ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.39673992020352755
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.39673992020352755
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 113ms
106ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.16657447604534936

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.12918537209558756
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

64ms
54ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.12918537209558756
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.12918537209558756
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 110ms
103ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.949594175012183

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.85848075141654
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

62ms
52ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.85848075141654
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.85848075141654
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 113ms
107ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.6119221103025194

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.9845756358982691
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

70ms
65ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.9845756358982691
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.9845756358982691
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 112ms
107ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.6326337649185676

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.7603620357286445
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

68ms
58ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.7603620357286445
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.7603620357286445
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 108ms
103ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.0009741343144464842

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW%22:%22%22}}}&r=0.3737191813076164
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22...

0
0

55ms
51ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.3737191813076164
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW%22%3A%22%22%7D%7D%7D&r=0.3737191813076164
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/70769167/
Redirect Chain

https://mc.yandex.com/watch/70769167?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k...
https://mc.yandex.com/watch/70769167/1?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd1...

316 B
419 B

58ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/70769167/1?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A104%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1403856471928%3Ahid%3A1065057477%3Az%3A120%3Ai%3A20210720032705%3Aet%3A1626744426%3Ac%3A1%3Arn%3A784435789%3Au%3A16267444261058991069%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626744424395%3Ads%3A24%2C16%2C34%2C2%2C0%2C0%2C%2C591%2C40%2C%2C%2C%2C669%3Adsn%3A24%2C16%2C34%2C2%2C0%2C0%2C%2C592%2C40%2C%2C%2C%2C669%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626744426%3At%3AWeb%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%90%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B3%E3%81%AF%E6%AD%A3%E7%A2%BA%E3%81%AB%E3%81%AF%E4%BD%95%E3%81%A7%E3%81%99%E3%81%8B%EF%BC%9F%E3%81%9D%E3%82%8C%E3%81%AF%E4%BD%95%E3%81%AB%E5%BD%B1%E9%9F%BF%E3%81%97%E3%81%BE%E3%81%99%E3%81%8B%EF%BC%9F%20-%20ja.pays-tarusate.org

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dffcdc6ec7173fa1c6f04937fe88cca164a5fdd248448755a8ef4d56f896e664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
last-modified: Tue, 20-Jul-2021 01:27:06 GMT
location: /watch/70769167/1?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A104%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1403856471928%3Ahid%3A1065057477%3Az%3A120%3Ai%3A20210720032705%3Aet%3A1626744426%3Ac%3A1%3Arn%3A784435789%3Au%3A16267444261058991069%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626744424395%3Ads%3A24%2C16%2C34%2C2%2C0%2C0%2C%2C591%2C40%2C%2C%2C%2C669%3Adsn%3A24%2C16%2C34%2C2%2C0%2C0%2C%2C592%2C40%2C%2C%2C%2C669%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626744426%3At%3AWeb%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%90%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B3%E3%81%AF%E6%AD%A3%E7%A2%BA%E3%81%AB%E3%81%AF%E4%BD%95%E3%81%A7%E3%81%99%E3%81%8B%EF%BC%9F%E3%81%9D%E3%82%8C%E3%81%AF%E4%BD%95%E3%81%AB%E5%BD%B1%E9%9F%BF%E3%81%97%E3%81%BE%E3%81%99%E3%81%8B%EF%BC%9F%20-%20ja.pays-tarusate.org
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:27:06 GMT

GET
H2 200 pubads_impl_2021071501.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 32ms
32ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117198
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 39 B
712 B 88ms
27ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.pays-tarusate.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4a1c4179f503e7a42fac6e2bde3220a18857b775a512c9cd6c03eebc31109332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 449ms
418ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=328225399956990&correlator=1239004059816488&output=ldjh&impl=fif&eid=31061788%2C31061819%2C31061842%2C20211866&vrg=2021071501&ptt=17&gdpr_consent=CPJnYAmPJnYAmAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1600x90&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DWeb%2520ja%2520pays%2520tarusate%2520org%2520Java%2520Web%2520web%2520xml%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F812117-what-exactly-is-the-web-EDMGHW&cookie_enabled=1&bc=31&abxe=1&lmt=1626744426&dt=1626744426493&dlt=1626744424473&idt=1936&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1345&adks=2527774088&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=629611823.1626744426&ga_sid=1626744426&ga_hid=575699181&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

45988155d09aa7e564baf5913a246e2c816bd2e9ca860dbb32a2347f4413f816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4891
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308194850
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cfcb8050b0ab716449b441b211c6603d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 089A 6 KB
3 KB 60ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cfcb8050b0ab716449b441b211c6603d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cfcb8050b0ab716449b441b211c6603d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 01:27:06 GMT
expires: Wed, 20 Jul 2022 01:27:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 357ms
328ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=328225399956990&correlator=1239004059816488&output=ldjh&impl=fif&eid=31061788%2C31061819%2C31061842%2C20211866&vrg=2021071501&ptt=17&gdpr_consent=CPJnYAmPJnYAmAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id4&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DWeb%2520ja%2520pays%2520tarusate%2520org%2520Java%2520Web%2520web%2520xml%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F812117-what-exactly-is-the-web-EDMGHW&cookie_enabled=1&bc=31&abxe=1&lmt=1626744426&dt=1626744426499&dlt=1626744424473&idt=1936&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=335&adks=3523473241&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=779x-1&msz=779x-1&ga_vid=629611823.1626744426&ga_sid=1626744426&ga_hid=575699181&ga_fc=false&fws=4&ohw=779&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cbc7ed4ccaaef1cc74d01c5ec6749336ec98dab62745b9023f3c34e7553ac401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4912
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308193146
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 606ms
579ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=328225399956990&correlator=1239004059816488&output=ldjh&impl=fif&eid=31061788%2C31061819%2C31061842%2C20211866&vrg=2021071501&ptt=17&gdpr_consent=CPJnYAmPJnYAmAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id4&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DWeb%2520ja%2520pays%2520tarusate%2520org%2520Java%2520Web%2520web%2520xml%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F812117-what-exactly-is-the-web-EDMGHW&cookie_enabled=1&bc=31&abxe=1&lmt=1626744426&dt=1626744426501&dlt=1626744424473&idt=1936&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=4416&adks=1957408659&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=779x-1&msz=779x-1&ga_vid=629611823.1626744426&ga_sid=1626744426&ga_hid=575699181&ga_fc=false&fws=4&ohw=779&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f0fad84ceda4683f8ca06ea72061817ab2491752e28ca03971f7778b03ace8b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4891
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308194742
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 465 B
271 B 677ms
649ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=328225399956990&correlator=1239004059816488&output=ldjh&impl=fif&eid=31061788%2C31061819%2C31061842%2C20211866&vrg=2021071501&ptt=17&gdpr_consent=CPJnYAmPJnYAmAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxntmng%2Czxntmng_optr%2Czxntmng_optr_smrcp&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DWeb%2520ja%2520pays%2520tarusate%2520org%2520Java%2520Web%2520web%2520xml%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F812117-what-exactly-is-the-web-EDMGHW&cookie_enabled=1&bc=31&abxe=1&lmt=1626744426&dt=1626744426502&dlt=1626744424473&idt=1936&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=4547&adks=3710964628&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=779x-1&msz=779x-1&ga_vid=629611823.1626744426&ga_sid=1626744426&ga_hid=575699181&ga_fc=false&fws=4&ohw=779&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1c64a274f9141db54a4941e38e9bc028094cfdcb691b7acdcd32334633a9eb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 202ms
175ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=328225399956990&correlator=1239004059816488&output=ldjh&impl=fif&eid=31061788%2C31061819%2C31061842%2C20211866&vrg=2021071501&ptt=17&gdpr_consent=CPJnYAmPJnYAmAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id4&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DWeb%2520ja%2520pays%2520tarusate%2520org%2520Java%2520Web%2520web%2520xml%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F812117-what-exactly-is-the-web-EDMGHW&cookie_enabled=1&bc=31&abxe=1&lmt=1626744426&dt=1626744426504&dlt=1626744424473&idt=1936&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=4985&adks=361949062&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=779x-1&msz=779x-1&ga_vid=629611823.1626744426&ga_sid=1626744426&ga_hid=575699181&ga_fc=false&fws=4&ohw=779&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e94cb1eb3592f7427d936ba47da61827462012a43612112edce3186e2d93881d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4906
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308194592
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 523ms
496ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=328225399956990&correlator=1239004059816488&output=ldjh&impl=fif&eid=31061788%2C31061819%2C31061842%2C20211866&vrg=2021071501&ptt=17&gdpr_consent=CPJnYAmPJnYAmAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id4&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DWeb%2520ja%2520pays%2520tarusate%2520org%2520Java%2520Web%2520web%2520xml%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F812117-what-exactly-is-the-web-EDMGHW&cookie_enabled=1&bc=31&abxe=1&lmt=1626744426&dt=1626744426505&dlt=1626744424473&idt=1936&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=709&adks=3992931170&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=329x-1&msz=329x-1&ga_vid=629611823.1626744426&ga_sid=1626744426&ga_hid=575699181&ga_fc=false&fws=4&ohw=389&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fe84df1716ecd538a3b645272ee8c898a1d459395ba182a483ba0f6e14360e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4677
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308219880
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 283ms
256ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=328225399956990&correlator=1239004059816488&output=ldjh&impl=fif&eid=31061788%2C31061819%2C31061842%2C20211866&vrg=2021071501&ptt=17&gdpr_consent=CPJnYAmPJnYAmAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DWeb%2520ja%2520pays%2520tarusate%2520org%2520Java%2520Web%2520web%2520xml%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F812117-what-exactly-is-the-web-EDMGHW&cookie_enabled=1&bc=31&abxe=1&lmt=1626744426&dt=1626744426507&dlt=1626744424473&idt=1936&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=1743&adks=3304885713&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=329x-1&msz=329x-1&ga_vid=629611823.1626744426&ga_sid=1626744426&ga_hid=575699181&ga_fc=false&fws=4&ohw=389&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a6c71cc480fa015add91b6d594f55ec0374f8e58c9d4039760b58873f3cea1d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4887
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308194895
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.pays-tarusate.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 01:45:21 GMT
x-content-type-options: nosniff
age: 603705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 01:45:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D72A 0
0 59ms
59ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0YkHua5-fS4X1galcJODMOhF6WS40iBJ2heYUml2zdFoDAyoYxqm5k_HNIY_N79M6BOPRFESSYBEWKwDaHw4DFtf8c9A6ISzgD5SsQSeBV9IszkQljQb37n5rFOUV-fbmkWzJa4mZcsRR8zTtzmC0iTR-_5rW-WG7aY7LIRZcEvfQZOjJ-bWg-Pjubs42wcCBeLdo1dExipwk4uL4b2ffcspEE4FAhvW-R3cDgti8Ny-o-MH0f_kRpttiFRA3Q26ps_Kkb-AvRFSEa_9wbgLmV1ElBUuRovMS6Fv2_fHX_itAWxtlAHYeQuYbyqz4EbG3YSV-vfocbMhUccQovlDd&sig=Cg0ArKJSzDLOMcSTPT_KEAE&urlfix=1&adurl=

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame D72A 91 KB
33 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a6ff4eb898d750d8fc88acca033f1b861f597180031ab8d35c76f66ab78af17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33282
x-xss-protection: 0
server: cafe
etag: 11263036041242655670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D72A 124 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ Frame D72A 244 KB
90 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.pays-tarusate.org&amaexp=1&bust=exp%3D31061746

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.pays-tarusate.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 547779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 17:17:27 GMT

GET
DATA 200
OK truncated
/ Frame D72A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 214c6d0cfdab6030610d0fd3f36e5efca53998b8dbccd779ca1922f4445ba9d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C68 0
0 33ms
33ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlfgqgB-o0Pek4dGooG8hRPIO-e72wCgPCHGtgCh1vUxsqAurTlSSRToiqtT78I5EmOW4-1MY3Lej0d-7tdwHCyKxv0RCb2yolV8bVbMTduHgFPltjBv0h78Uluatajj2hkQxmO_mEPmBQwVTP2SAVf28zzSaLZnhXCKn0V0MjO0dKvCM7uX0xEfgCmZgrDsbXbTc0j57yN0FUaMnazwiYmbvoP97wxjMYrBM-Totd1IVTM3-6GpYIv940iZGMY1P6NClFfpXcU1yiawa14ukRtWCdSw3n-angoCGGAcsQK2f-6lnsc8m63JAwd0Tk_8Un8lY5vI_tXEf9&sig=Cg0ArKJSzG2VuSdyW3vfEAE&urlfix=1&adurl=

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3C68 91 KB
33 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d24f3b29fd510b6529c87284bad7f8f4280e30a3b55bbd45c8d62b7fd5982f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33270
x-xss-protection: 0
server: cafe
etag: 5139786948011617967
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C68 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3984 0
0 33ms
33ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVbCWljC-ZqD9UUO7zRbm5Ko9Ph9ujkCeX5ublm3XF_zK0cbyAnNzrt9cnF09pt-sAzVlNfVsHZrjsJoGTi-EnsfG7sjO5I8VSyKsNvNqsisXbDJfAMUNWnCGvkIV9QkU_XX7cKlgXvKLjX9Kqu1Ht1yCjlmDir5fh4lo8IS3XnC453zDZ7vklFKE7iVSe_hiB7j3on6dpVcBUIYOLCyXVptQ2oSFmAss8kcJyX2eg5putTaE8vSHUCcCSFIRCdOW4DDvGrAmKVEkszY9gMQjVDk2q8spxMXksFk6uRxOc3RkA8jFAWfjYc6GzXGLK6oBJVy8to5Qa2XGnyZXQnjIl&sig=Cg0ArKJSzG7PiAK1q5_OEAE&urlfix=1&adurl=

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3984 91 KB
33 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d24f3b29fd510b6529c87284bad7f8f4280e30a3b55bbd45c8d62b7fd5982f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33270
x-xss-protection: 0
server: cafe
etag: 5139786948011617967
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3984 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D72A 207 B
412 B 68ms
67ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.pays-tarusate.org&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.pays-tarusate.org&amaexp=1&bust=exp%3D31061746

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0e8e27106c25105778ece4bd58436a094dcd034fc72f7fca03a1511b37076d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame D72A 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D72A 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 69C2 22 KB
11 KB 158ms
158ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe88fe12cf30ddb03f0747475988dea8bbe375df0f4a7e2d3b1d06e10a621464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Jul 2021 01:27:07 GMT
server: cafe
content-length: 10752
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D72A 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ Frame 3C68 244 KB
90 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.pays-tarusate.org&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
DATA 200
OK truncated
/ Frame 3C68 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8c55e85e13b44ceb83d60ff0fb6a9342f9607da7fc0ed3ba098fad989ad39c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D88 0
0 58ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFqwb8lEUips1CgNY-yEok-URuc_aBTsMJ1kLfcACUrP4QWLVB7f-n7Af3SiF-VWDbQwWQdkWv3vdxc8Vjj55wNb1s7V-VbDsac-cTmD4j2ohw5CR6WKS2pfMOpyHZ_sMppof9DXQ1V3klGMe8ANSbf2o12TgDGpb9CfSnZyeFotx4jOjg7A5MoDFC2g2y-QyauenzNg4av9A-l3wVzO4LPPzxAHgZkW5CsG_xdREw1Jng5dj9rlWaDhGVxeRgdbZgHX6TQBox6GYpY2HT4E81bPR2Vq-6UyQ5kwJEWm_-XXDaKdZI9PSXuwtxJVjsc5zh5-h7I6QClno1&sig=Cg0ArKJSzPtuuS89PtcREAE&urlfix=1&adurl=

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9D88 91 KB
33 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d24f3b29fd510b6529c87284bad7f8f4280e30a3b55bbd45c8d62b7fd5982f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33270
x-xss-protection: 0
server: cafe
etag: 5139786948011617967
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D88 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ Frame 3984 244 KB
90 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.pays-tarusate.org&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:06 GMT

GET
DATA 200
OK truncated
/ Frame 3984 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcf59f03523237d1e644cf0deb8af473436b82c95bee8418af2bbd10c3875800

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3C68 207 B
219 B 32ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.pays-tarusate.org&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

41747b0d00d50be011fb118fdad7fb9445072002034cb77ee9e5bc800728ae08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3C68 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3C68 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A008 14 KB
7 KB 116ms
116ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbda19c69a7d318eb580f057e09f176224401cd8ffec9abcefc4a9f7399ceb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Jul 2021 01:27:07 GMT
server: cafe
content-length: 7367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C68 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ Frame 9D88 244 KB
90 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.pays-tarusate.org&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
DATA 200
OK truncated
/ Frame 9D88 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46ac1e08710306d2cbe33f93e5f164b4af097280878d330a0535879173bb353f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5947 0
0 33ms
33ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstS20z_AYyahmMOsDDphZdWhJUKVkHnpbn6IiWctvxOEvY6grfUDBxfPYY_YViDanbxkquC5gfAUkNH6p7cYSA-5WOPkjD8Gm8M9I5tjXlyaM35KVUrFKby8G0UftVe74ZyJLAj2r6khBUxFakGKop4u5uzk66VHCAGD0mztKKsCTzt4RiGiDpAryIMALQVOUaHMKndF5roBH7kys6av97nBbyI-kY-__cDjF42Po1tC-Mf5PThmTr9a9v5AFuDWiJK7LJ0Eg17IptjeCdz_vd-FxtYeIj8JbxQrBx_i7M_8lEz2POCpR_kAUFUIepxvsJk9oEiB4PuFb5C7qjNXBCN&sig=Cg0ArKJSzFcUv7TT18HxEAE&urlfix=1&adurl=

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5947 91 KB
33 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d24f3b29fd510b6529c87284bad7f8f4280e30a3b55bbd45c8d62b7fd5982f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33270
x-xss-protection: 0
server: cafe
etag: 5139786948011617967
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5947 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3984 207 B
218 B 30ms
30ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.pays-tarusate.org&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9cf5a4f6c1554820dd5935c4e63efe45d3a5132be12250e05e3fde7890d17a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3984 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3984 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33D0 13 KB
7 KB 112ms
112ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48f4227c0b44f821305f0cb79b47a5f0e3e7d53c44e0e72d366f5ba2bfeb31af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Jul 2021 01:27:07 GMT
server: cafe
content-length: 7086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3984 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F5A 0
0 60ms
59ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWs2RapKtkQx7znkCXk8jM8zOHhH0dxpnTZaF43czf_kUQQVviNSsWhFijDPNhhTv0VcJn-60-nptOSIDhREztA0sanAp3nfviwAK71BYgnG0HlSDeJApenMZ6av8HLT9uWe73Skx1e6HiG0I6aUVL9bB-nKqV8sZwVOT2nnMeR08hbG__rdpiwk4Qd_pOwuesF2nRoh1_izzFiLzg2OaNq09F81AQD1-4HDFam5NvmX2ItZDJnuwqCqFlmSNGz0WM35aYwrbhxVetSCazrCniL8znZ_l6rJEGCZnMT25UaccE1IRGqIZnRDX-zJ5vnl-y-Jz1isbH167ehqxF3m92&sig=Cg0ArKJSzFPzw31yR9PPEAE&urlfix=1&adurl=

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3F5A 91 KB
33 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a6ff4eb898d750d8fc88acca033f1b861f597180031ab8d35c76f66ab78af17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33282
x-xss-protection: 0
server: cafe
etag: 11263036041242655670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F5A 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9D88 12 B
53 B 66ms
66ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.pays-tarusate.org&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3Dbf8dc86c61e87393-2271be6070c900d2%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZHgNcFwH3GhVmvUr1txvuxdBfK0A

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9D88 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9D88 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

1_zxm_smrcp.html Show response
cdn.zx-adnet.com/adx/ Frame 75D7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&twa=1&slotname=ZXM%2Fzxm_smrcp&adk=3467223789&adf=816031644&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=1200&fwrn=3&f...
https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html

10 KB
2 KB

19ms
18ms

Document
text/html

151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

14e3cdd51580b866e12a2220c5a394d1e8fd59c13cb98e2538b0cb44611e7e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: cdn.zx-adnet.com
:scheme: https
:path: /adx/1_zxm_smrcp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "116629650762f98a899852d1fac2927a24255cc55cd210d5c68bb91774363870-br"
last-modified: Sat, 19 Jun 2021 15:44:43 GMT
strict-transport-security: max-age=31556926
x-robots-tag: noindex, nofollow, noarchive
accept-ranges: bytes
date: Tue, 20 Jul 2021 01:27:07 GMT
x-served-by: cache-ams21053-AMS
x-cache: HIT
x-cache-hits: 1
x-timer: S1626744427.304851,VS0,VE1
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length: 1785

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Jul 2021 01:27:07 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D88 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ Frame 5947 244 KB
90 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.pays-tarusate.org&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
DATA 200
OK truncated
/ Frame 5947 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e8c68abf340bf0c00255d90741afaf0c379b4f6415b38fe6e7e125886d9ae53

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 69C2 2 KB
1 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69C2 124 KB
37 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 69C2 14 KB
7 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:08:20 GMT

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 00D4 2 KB
2 KB 48ms
25ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705b11939143e6ff022898d07429149eda8cdbf97ef6da908681eadf2f6f0fa3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671867be7994bedd-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0C1C 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:09:05 GMT
expires: Tue, 20 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 80282
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ Frame 3F5A 244 KB
90 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.pays-tarusate.org&amaexp=1&bust=exp%3D31061746

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
DATA 200
OK truncated
/ Frame 3F5A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4ee568d4318cbc9b262c7ad87624df8679037b3a96d95b2d6b77ed59b2e81b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 5947 12 B
53 B 31ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.pays-tarusate.org&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5947 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5947 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4304 16 KB
7 KB 127ms
126ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=830827601&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427205&bpp=8&bdt=110&idt=163&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1949446809.1626744427&ga_sid=1626744427&ga_hid=620062799&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=709&biw=1600&bih=1200&isw=300&ish=600&ifk=1410655490&scr_x=0&scr_y=0&eid=21066431%2C20211866&oid=3&pvsid=1581679106397401&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3j5giev5bxqy&fsb=1&dtd=176

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b25e2b855d994b27c158c1106878b933376eb182d238ead5d116086713625e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=830827601&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427205&bpp=8&bdt=110&idt=163&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1949446809.1626744427&ga_sid=1626744427&ga_hid=620062799&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=709&biw=1600&bih=1200&isw=300&ish=600&ifk=1410655490&scr_x=0&scr_y=0&eid=21066431%2C20211866&oid=3&pvsid=1581679106397401&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3j5giev5bxqy&fsb=1&dtd=176
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Jul 2021 01:27:07 GMT
server: cafe
content-length: 7029
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5947 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
DATA 200
OK truncated
/ Frame 69C2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f554bdb394c0aa643beb1649763d6039621078db3b32a62155c50c5330ee3f7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame A008 3 KB
2 KB 104ms
33ms Script
application/x-javascript 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURrek5UVmpOV1l0TlRkaU1pMDRaVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MTgxODEyMjE1Mzc3NjQ0NjAvNjYyMjMyNy80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGLUhXZlMzS2JtQnZna0p6QXVQMFRuay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzE4MTgxMjIxNTM3NzY0NDYwL3pyaC8wLzU5LzE0Lzk5OS8zMjIvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyNjc0NDQyNy8xNjI2NzU3MDI3LzQvcHViLTY1NTA0MTMzNjM2MDI1ODgv/7r8zvoXskabhvkqw6iMEdoPK4oo&nodeid=1834&group=eu&auctionid=2718181221537764460&shardkey=2718181221537764460&sid=4562306&cid=6622327&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.29&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%26client%3Dca-pub-6550413363602588%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: ab3f1887593ac8bd6d2040a5eb64dfab60b455ebf8edbff822fcb53e89969091

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:26:57 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1626744427
Last-Modified: Tue, 20 Jul 2021 01:27:07 GMT
Server: MMBD/3.202.0
x-mm-latency: 1 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x35, zrh-bidder-x141
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Tue, 20 Jul 2021 01:26:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame A008 2 KB
1 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A008 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame A008 14 KB
6 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:08:20 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A008 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKvp6ayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE5wFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVt6KsVlHLIlEFlszCi6nTNPEGOABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02NTUwNDEzMzYzNjAyNTg4&sigh=P6jo0XeixfE&tpd=AGWhJmvHIhxvLoQW5zQg7MKArXSjH5jNKGpjXx8hTnAa2KaPhwNpHfk60WKwSqw_n7fXqv7tJhiiSfgdpJhRNywKDc9HAaKx3BOGLRVhZzWDOrkArhgHs8wtPwj6d3rQx4wVlyamoRrnmMQr6u_L-HkPFSOr3JaYyOOWKneAEiKuYYrF08-TwHBGj7vQvo-JtglMO9NPEnRf5f5nUJXZmR1_Jhv6oW23tpMmQ-gvz2eTHz1Veo4AQ1u-TwLqlFn7oOU6PSWge1Y-pmbetOOxghUQB35LfFL57Tf-YZh31d_O9ZfiFhpK0l2Ud3ZptexegJ7IrbVYpuFqgpO8TxOzOm7rBV3rXL-a7K36kOIvfEQrRMM-Wfy2r136nOFnQWhkl1oyEUCKbVttV4RA8kVLi9zkeC9BqihvAPh0qNUzPzo8KsfAeGint7f7WtgYlYEf9OM13I6_W9pU-0B4lDsni4Bd-R-Y9clRFMPCJGV8BvR5oC2Epva_jvl4xJvdi6FABLvbfsgac_2c8PCBQH3NybOP27RROfECf17HxsnJzo1dn8nNzDWzVVpWXGf5Yo0tPANnpk06iDDvMUhj_av7kKrbC5oZZJqo8rIryNJLrOaTTPHfHQIgw885zos8l-70y7pK3OF4ARajLR2QAIyx9LhwUfVE0b58kqOC02SWngJWFaM8zcSq2OfQJAsgbYj8xzVvbh2UAcUlmQ-VCLuRBsWkv4R00CvQhGolV__98BfmnxKeTlwYVlvw9yELHIY6FmKTZYmud3WaA4jyG4J7J3SLLC85GRBAaYom_Jp53plDumaCHwby2hq832f79LiBMlZaGUKDRwxtC4Rt9PRZIL6rGXw0pkmK3B7066mwczstjJXQ0hPq_I5KU0ZA89c8AddjspQC8cFugQ9z60YRQvmYbQ0w0pFQ2v3OXzio7EmVkkN9UwfTh0BuwrJnPYXCgJDRHfi6_N3yrgzVErZIX2cz1rNb8k4VXT20x3D2JMrI99ACTXq9wJoJn0635cPZ5r5tNyNnV7GK6LpfWL-uCiFdhTA8F_twFBZkivE3q4hUv3mbC5pubp9d9cqz0D2BcT-d5w

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Jul 2021 01:27:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 33D0 3 KB
2 KB 114ms
49ms Script
application/x-javascript 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURrek5UVmpOV1l0TlRkaU1pMDRaVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMjMzODIxMjMyNDA3MDc4OS82NjIyMzMyLzQ1NjIzMDYvNC9nQ0NxNUUwTzBudktZZHJtdkE0ekYwQ3hVWmpxQWlYSjIwLTZDUzh5Nmk4LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQxMjMzODIxMjMyNDA3MDc4OS96cmgvMC81OS8xNC85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MjY3NDQ0MjcvMTYyNjc1NzAyNy80L3B1Yi02NTUwNDEzMzYzNjAyNTg4Lw/wlsLGGQl7S7xU7sWe9NpH8fOiGI&nodeid=1834&group=eu&auctionid=412338212324070789&shardkey=412338212324070789&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%26client%3Dca-pub-6550413363602588%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 8c632a69b02a2b1439ac89733c8f7c45ca1d9f47f1c4f43b388acd5e5687f232

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:26:57 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1626744427
Last-Modified: Tue, 20 Jul 2021 01:27:07 GMT
Server: MMBD/3.202.0
x-mm-latency: 1 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x25, zrh-bidder-x141
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Tue, 20 Jul 2021 01:26:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 33D0 2 KB
1 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33D0 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 33D0 14 KB
6 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:08:20 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 33D0 0
0 50ms
49ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRVd7ayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4AFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eidM8db1YvOR7SQjOsKaU-pHeKIAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTY1NTA0MTMzNjM2MDI1ODg&sigh=ju1kWUrosvU&tpd=AGWhJmsFpMJB4-jtHS7mTVFGQO0CirGwDIfVjSJYKC29eSu04agDMv7TZruZQtnfbCC0tqtzonc-fnzemfggBuoB0Q2M4253StjdaGe-tyooIpUk7FJyyKy1TxruhUABe6Zd4LlH2p8DRC4FWOgiiGz6m4fpG6WkbEdlU-ntdTFdippUY4qY6HUHemiHMi1l5OD8nD4mKa9fsdNSHmoznEr4AzoR2xf-NMHJAN1iSZoE1X5fpno0ubp35uJxJHdEpd_5xn2M0WczP6B5UPapLwSJrhyxMroKXow5dy1nqvszEk1BUy8P_UQFfLZ56MvaAFaDDZCjbQTYhVeiaVjeM0Ei7d5CDNB2w6c2Wbk3LVrQir-XL0fk-cn9aJpHcppLxSWZSzPuHHLoxLy9g-EgrxiwwS0nWtSkq21f6-AzK0e7z9pRLI6ykWvP71qyDHJMzROIr2-jGMjdxPbfGa_m3e9z21Vh8qj9dGQpsVhpMXg0zK8ZabGWg8-Kfn-ABlWgoX60hdfqWugy213OuM4Qmmd_aEwoZ1t3igtYD-bVSRutbvpqyr_zVxvOTrt-t8WLGrPwgOfFTnviJ5vK4XG1TRXPoWlwrTkIrhTOocHCqSNDAgMAKG2DKRmmKT4vSb420VG0aWYjcP_j7KGPJtzjZJUaXL-fNebz9_p4jpx671urz4GkrCTdnbHLZ-gY8miCaCJDrBm_PzQxYcG_pvelnrFb92xy5arVC9HVNnRw33sgInhFTkYawZ9bzDkTYEACT5KJIXjV_Wbcj-aSHymgTXtSbk9BClqAEvcisUafGNXbxmFRzO6o5nXT9_Jea8sF_M_91eIRbhyG3ReiG6Nb8I4xPMbrZqQ_Exzxi7v-cNhjXnpGfUpaCAEcDxgfMnZlswj5SLpT4MQqCfaCsJWoVf7g8yOMBlRcPa7kBM1JO2vHRyp1KHt8aIqmhM9JgTF3mYAG9SV3vEPkJ49ou7i6x88tM8xy5CN04Sm53ANRyOeOP6T1rqmiBZkARZwiTDxr3Ej_QZxJsACI8wJhT6ymtckw-P9y-7S9Oe2xtW882xSK-Jy76UF6mNuKltLPBdw0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Jul 2021 01:27:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3F5A 12 B
53 B 31ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.pays-tarusate.org&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3F5A 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3F5A 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3803 13 KB
7 KB 109ms
108ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eebe232b2c0442dd6d74ad8294f40a7b1e64acc93b5a6b5a3989031f3472f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Jul 2021 01:27:07 GMT
server: cafe
content-length: 6955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F5A 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 00D4 58 KB
7 KB 29ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1868089
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGew1M9UqNk6MtCL1hHc7GRdh2u3JFcoZxJx6J%2F94spYWZV2bfdYa7zeQ5vtZmAY%2Beq%2FE05RtmLHPPDLHKTJt5cCPVbvXJ%2FbV6q2UA8XN6VxYUZSo13UyesPgIQN%2B6%2F4b55pzk8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 671867bf8fd6536a-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 r62eglto.js Show response
ad4m.at/ Frame 00D4 36 KB
13 KB 30ms
20ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a37ceca755265b121a604484e994dabd38d5061fbf524b7fbff789e7ae5423

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Yifx+w==, md5=dYxhy2ipXS+j9p8i0KpDgA==
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47898
x-guploader-uploadid: ABg5-UxreyhrcfN7xScl9xTXe-G67tc6hbQ1tHnoI5xVH4ghNOkQ9sF6ds68T76UCmvWI5lNWXSj9BXUSy_B3ceUfd0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:07:55 GMT
server: cloudflare
etag: W/"758c61cb68a95d2fa3f69f22d0aa4380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MC9q5EefYw25xAjHi4Lf%2BvqCcaxeRuEUoJ3b6OOegmvlsjSS8nIF1rspg%2Be%2FPFFqU2mY2pL8gYHOKLIqhyFOFvUoyz%2FRfel8Qb5NzjJuyBBKGzeEpVGiaFHaWuGWQV2LeG8o8Qc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672475536814
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11941
cf-ray: 671867bf7fd3536a-FRA
expires: Mon, 19 Jul 2021 12:08:49 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F48 66 KB
24 KB 440ms
439ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=1200&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.05893240074299699

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18af7323671d086a766443ef797dea76e08a212ca73b8b3deae1b534f1409bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=1200&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.05893240074299699
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.zx-adnet.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.zx-adnet.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Jul 2021 01:27:07 GMT
server: cafe
content-length: 24300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0C1C
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1&google_push=AYg5qPIIPUxSfcZdFeqs2yXybf9thXEU4JiYWQPiHW0wmX5aseQM-SMJ55NGxlQZ1Ve-MBmCv7vShkCsEHGCELOVQ6k2dwESHUaPRA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwNDMxODI3NjY4MjIxNTIxMw==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1

43 B
407 B

22ms
21ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0C1C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFEwUYoib-KZ3DX5WhgcwZA&google_cver=1&google_push=AYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM7&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFEwUYoib-KZ3DX5WhgcwZA&google_cver=1&google_push=AYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM...

43 B
415 B

160ms
158ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFEwUYoib-KZ3DX5WhgcwZA&google_cver=1&google_push=AYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM7&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM7%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 671867c109704e32-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 46
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 671867bfafee4e32-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFEwUYoib-KZ3DX5WhgcwZA&google_cver=1&google_push=AYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM7&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLYluJcVwVs8wvTlm7paRYzoBxUdHcJy5BEdrmbny7KC2I1qxAfeK8o8HuIIHe5UHbuaeJSI_X4-kc9BsDU18LIyx_1HVM7%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0C1C 70 B
265 B 119ms
37ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHeXKBJIHbio5qf0dAcEBGM&google_cver=1&google_push=AYg5qPKuz802LSOe7IyVc62E6PlX10PmTmSiwUHNaqNcKMYoG6tHcLh1Hw0AtfJYYtREuLPBBkQG0zDKLK0oQ4WsJ2YEk9Zb6PLnoQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0C1C 0
191 B 97ms
29ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOIxVO4H6cBvqD5AZphFOdY&google_cver=1&google_push=AYg5qPKJjwBPDN6kahF_RKM6Z9fu-VVWSP6o107Lve_QLkqUat_4wRcSdkpJNFx2s4Re47ZfmGQl4Rb9mU9qRK11Aq4dingwebG9Sw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0C1C 0
135 B 65ms
24ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHAp3See6yicChVh9BPOQ5Y&google_cver=1&google_push=AYg5qPISQnhjCBenTI-Qrd9WtDfGGGTOs-pVxNr3SPAWWEAc0HncZ8u5p0Bp5auX6Jt8Pc5DdZIbh7Nxo27VbiEkYMWPjxM1owGILg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0C1C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELSarXGwlH5yb3mA9muI7ZQ&google_cver=1&google_push=AYg5qPJaYU1vqlkOEeCPEXHBkU9nT50RK1oxdh52kAwYaFYdzDYR-53J5uhE1lhFZrD-zegQ6q8vGHb1EVW_Ydms6cUbsYY...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJaYU1vqlkOEeCPEXHBkU9nT50RK1oxdh52kAwYaFYdzDYR-53J5uhE1lhFZrD-zegQ6q8vGHb1EVW_Ydms6cUbsYYPRYG3&google_hm=NTEzNjM1NDExMTEwNTg4Mz...

170 B
188 B

40ms
39ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJaYU1vqlkOEeCPEXHBkU9nT50RK1oxdh52kAwYaFYdzDYR-53J5uhE1lhFZrD-zegQ6q8vGHb1EVW_Ydms6cUbsYYPRYG3&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 01:27:07 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJaYU1vqlkOEeCPEXHBkU9nT50RK1oxdh52kAwYaFYdzDYR-53J5uhE1lhFZrD-zegQ6q8vGHb1EVW_Ydms6cUbsYYPRYG3&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0C1C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPLKdwUlp1rNjIN-DWqBsQdmHKBjHgXWu1oehqWG5ZWqAmTTLVy5kf3zVpUF5N9CBnZ06uGNrh4W...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPLKdwUlp1rNjIN-DWqBsQdmHKBjHgXWu1oehqWG5ZWqAmTTLVy5kf3zVpUF5N9CBnZ06uG...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPLKdwUlp1rNjIN-DWqBsQdmHKBjHgXWu1oehqWG5ZWqAmTTLVy5kf3zVpUF5N9CBnZ06uGNrh...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPLKdwUlp1rNjIN-DWqBsQdmHKBjHgXWu1oehqWG5ZWqAmTTLVy5kf3zVpUF5N9CBnZ06uGNrh4Wod2c9BHTHI9PMwl6hArM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPLKdwUlp1rNjIN-DWqBsQdmHKBjHgXWu1oehqWG5ZWqAmTTLVy5kf3zVpUF5N9CBnZ06uGNrh4Wod2c9BHTHI9PMwl6hArM
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0C1C 0
253 B 92ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LV8ZTT5QTAUIG_9rwdK13v0XWY_w6BtgkeK_TdyJ60dnWLtmg0zKPOyl51R7eOKfIegzOs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 00D4 3 KB
4 KB 30ms
12ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3502045
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpO5Bti9wvAsDPIfTKbqmA1xLvuxyskEjcBpU4nEN4z2IJg8wjrD7CQHZGNubAlIwLkCSNndehqzwCNCqC07Z%2FYgWdV96nYBoesyFli0XIhZAKd4QpUSIhEeLo5Es%2Fz4VYWtS46bGt8r16cbR4s0rHF4Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 671867c00d6d074a-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame D177 2 KB
2 KB 17ms
17ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 20 Jul 2021 02:27:07 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2262670
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9x%2BLWk22Ium6w1NzQalKtOoobKmfRt6REozdkXZGFdd%2BMc8gODcjb4XJXhXA68YrpPM1ArNyVRxCgFbR%2BayBcSvccboNGs7rhT%2FAcAbv2C%2B9Zwp%2F4hI6jRMz7itLZWOvi3VwKdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 671867c0086b536a-FRA
content-encoding: br

GET
H/1.1 200
OK yrsa821xsiee Show response
hal9000.redintelligence.net/zone/ Frame A008 11 KB
4 KB 101ms
31ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/yrsa821xsiee?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=2718181221537764460&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2718181221537764460%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_cid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 68d410fdce0b64474896156e1c5238f2a0796f178bb84f58f19e00eead1248f0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3464
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame A008 49 B
330 B 103ms
33ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=2718181221537764460&node_id=1834&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURrek5UVmpOV1l0TlRkaU1pMDRaVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MTgxODEyMjE1Mzc3NjQ0NjAvNjYyMjMyNy80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGLUhXZlMzS2JtQnZna0p6QXVQMFRuay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzE4MTgxMjIxNTM3NzY0NDYwL3pyaC8wLzU5LzE0Lzk5OS8zMjIvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyNjc0NDQyNy8xNjI2NzU3MDI3LzQvcHViLTY1NTA0MTMzNjM2MDI1ODgv/7r8zvoXskabhvkqw6iMEdoPK4oo&nodeid=1834&group=eu&auctionid=2718181221537764460&shardkey=2718181221537764460&sid=4562306&cid=6622327&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.29&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:26:57 GMT
Server: MMBD/3.202.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x68, zrh-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 20 Jul 2021 01:26:56 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame A008 43 B
359 B 111ms
41ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2718181221537764460&v3=651871&v4=4562306&v5=6622327&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURrek5UVmpOV1l0TlRkaU1pMDRaVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MTgxODEyMjE1Mzc3NjQ0NjAvNjYyMjMyNy80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGLUhXZlMzS2JtQnZna0p6QXVQMFRuay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzE4MTgxMjIxNTM3NzY0NDYwL3pyaC8wLzU5LzE0Lzk5OS8zMjIvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyNjc0NDQyNy8xNjI2NzU3MDI3LzQvcHViLTY1NTA0MTMzNjM2MDI1ODgv/7r8zvoXskabhvkqw6iMEdoPK4oo&nodeid=1834&group=eu&auctionid=2718181221537764460&shardkey=2718181221537764460&sid=4562306&cid=6622327&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.29&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:07 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Jul 2021 01:26:28 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame A008 49 B
330 B 103ms
34ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2718181221537764460&st=4562306&time=1626744427&nodeid=1834
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURrek5UVmpOV1l0TlRkaU1pMDRaVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MTgxODEyMjE1Mzc3NjQ0NjAvNjYyMjMyNy80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGLUhXZlMzS2JtQnZna0p6QXVQMFRuay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzE4MTgxMjIxNTM3NzY0NDYwL3pyaC8wLzU5LzE0Lzk5OS8zMjIvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyNjc0NDQyNy8xNjI2NzU3MDI3LzQvcHViLTY1NTA0MTMzNjM2MDI1ODgv/7r8zvoXskabhvkqw6iMEdoPK4oo&nodeid=1834&group=eu&auctionid=2718181221537764460&shardkey=2718181221537764460&sid=4562306&cid=6622327&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.29&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:26:57 GMT
Server: MMBD/3.202.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x66, zrh-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 20 Jul 2021 01:26:56 GMT

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame 33D0 11 KB
4 KB 99ms
31ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=412338212324070789&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D412338212324070789%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_cid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: ab78dccf0128a9195171c9e27d6457c78b1e9fbadba9a57f9a92f194c7d3d7a8

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3449
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 33D0 49 B
330 B 103ms
34ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=412338212324070789&node_id=1834&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURrek5UVmpOV1l0TlRkaU1pMDRaVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMjMzODIxMjMyNDA3MDc4OS82NjIyMzMyLzQ1NjIzMDYvNC9nQ0NxNUUwTzBudktZZHJtdkE0ekYwQ3hVWmpxQWlYSjIwLTZDUzh5Nmk4LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQxMjMzODIxMjMyNDA3MDc4OS96cmgvMC81OS8xNC85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MjY3NDQ0MjcvMTYyNjc1NzAyNy80L3B1Yi02NTUwNDEzMzYzNjAyNTg4Lw/wlsLGGQl7S7xU7sWe9NpH8fOiGI&nodeid=1834&group=eu&auctionid=412338212324070789&shardkey=412338212324070789&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:26:57 GMT
Server: MMBD/3.202.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x69, zrh-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 20 Jul 2021 01:26:56 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 33D0 43 B
360 B 110ms
42ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=412338212324070789&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURrek5UVmpOV1l0TlRkaU1pMDRaVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMjMzODIxMjMyNDA3MDc4OS82NjIyMzMyLzQ1NjIzMDYvNC9nQ0NxNUUwTzBudktZZHJtdkE0ekYwQ3hVWmpxQWlYSjIwLTZDUzh5Nmk4LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQxMjMzODIxMjMyNDA3MDc4OS96cmgvMC81OS8xNC85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MjY3NDQ0MjcvMTYyNjc1NzAyNy80L3B1Yi02NTUwNDEzMzYzNjAyNTg4Lw/wlsLGGQl7S7xU7sWe9NpH8fOiGI&nodeid=1834&group=eu&auctionid=412338212324070789&shardkey=412338212324070789&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x31 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:07 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Jul 2021 01:26:28 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 33D0 49 B
330 B 100ms
32ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=412338212324070789&st=4562306&time=1626744427&nodeid=1834
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURrek5UVmpOV1l0TlRkaU1pMDRaVFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMjMzODIxMjMyNDA3MDc4OS82NjIyMzMyLzQ1NjIzMDYvNC9nQ0NxNUUwTzBudktZZHJtdkE0ekYwQ3hVWmpxQWlYSjIwLTZDUzh5Nmk4LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQxMjMzODIxMjMyNDA3MDc4OS96cmgvMC81OS8xNC85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MjY3NDQ0MjcvMTYyNjc1NzAyNy80L3B1Yi02NTUwNDEzMzYzNjAyNTg4Lw/wlsLGGQl7S7xU7sWe9NpH8fOiGI&nodeid=1834&group=eu&auctionid=412338212324070789&shardkey=412338212324070789&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:26:57 GMT
Server: MMBD/3.202.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x76, zrh-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 20 Jul 2021 01:26:56 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2345 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckepoayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTgAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvSTigkBzVBEVPBfS4NIFkTo9TgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjU1MDQxMzM2MzYwMjU4OA&sigh=fw_YZlbbfjE

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=830827601&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427205&bpp=8&bdt=110&idt=163&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1949446809.1626744427&ga_sid=1626744427&ga_hid=620062799&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=709&biw=1600&bih=1200&isw=300&ish=600&ifk=1410655490&scr_x=0&scr_y=0&eid=21066431%2C20211866&oid=3&pvsid=1581679106397401&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3j5giev5bxqy&fsb=1&dtd=176
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Jul 2021 01:27:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2345 0
0 42ms
20ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jv41h0n4gvsbjdtb61nadbdj84vk8gs0hr9fpy4xkwnt4pts9kzwnnt37p0n9vv3v29wcxnxtmnwaj5kr8zvyd9zvpn32qmm2nqqqg4d2f3rnzznfjgx54wdt54zja76ewtc49xtg061ktrv7k4m0nbv2awhh5yek4s7d48easavk85an00rb8hd6yg8m5k97majxwfgwssq5cwzqd5kycth233wp7tvms357wvxmzrnc0b9h4894bzmc2cysah6pane3r3e5mh99q06zzv6hkkzyj7b8p254zzj3skkmeyw1ara7djbc07ta07r1rjea3j6p6fe8t8paenpbapbaajf6mnm7fmran6t0sxsr82rv7s4346d8b4gxvjqezzpwmn7hch6070x1zf&b=YPYmawAGCOIK4F-OAAmJqhijX648Q-TcGBLrlg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame C796 2 KB
2 KB 18ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=830827601&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427205&bpp=8&bdt=110&idt=163&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1949446809.1626744427&ga_sid=1626744427&ga_hid=620062799&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=709&biw=1600&bih=1200&isw=300&ish=600&ifk=1410655490&scr_x=0&scr_y=0&eid=21066431%2C20211866&oid=3&pvsid=1581679106397401&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3j5giev5bxqy&fsb=1&dtd=176

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a5cd3f33906c9b5eb59900607a5adc1df17a891426dabf8f308c9b931d952e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671867c048c8536a-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 2345 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:18:33 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 335B 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:09:05 GMT
expires: Tue, 20 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 80282
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2345 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 2345 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:08:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2345 0
0 22ms
20ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwtAqNWAym_ufBINd0wzDcMzjIt15HT0NIetej_rd8CW1YyoHa1ESH-rCTSHlRRYmAfD6g1W2G_qPdtqZM2wCJEz-A5w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=830827601&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427205&bpp=8&bdt=110&idt=163&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1949446809.1626744427&ga_sid=1626744427&ga_hid=620062799&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=709&biw=1600&bih=1200&isw=300&ish=600&ifk=1410655490&scr_x=0&scr_y=0&eid=21066431%2C20211866&oid=3&pvsid=1581679106397401&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3j5giev5bxqy&fsb=1&dtd=176
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 3803 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3803 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 3803 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:08:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3803 0
0 25ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYEm00jb9bxSSp0pykG4K-VU0NZkdk8a1aGXrilFi-s3Doq0Ry_Cozvvqutpkyd4j8sB9nvihenPhTmlbPDqHW8QjqxA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3803 0
0 47ms
43ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJj6gayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE5QFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEJ8y1BKTnr6WbHJMylnLfskUUgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjU1MDQxMzM2MzYwMjU4OA&sigh=DovjlVZR4d8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Jul 2021 01:27:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 3803 0
0 30ms
19ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j4z6ernmy9qg6bfg27x96a2x9p1rhyhxev32zxtvqt4r8ch6chnkwmq1k6vftmx52xsm6awwzz6r94zjrd5p0fn2grta1md96c1m79f2tnprvp0r1yeryfc8n36qtsg4qb7wgxynwk3rnk3bnxxbxestc0d56j0318mga22v6aes9xftztpbmwmyd4dqajk5f2t3tpyj4wvbbhtzx0aw5dkn05vv8k1e2r3nqg7thhsw4yr1j1343hdgswwy5jyc6w7m9n6vtb117ejrgkknbrvv1hnwcggyp6scbt0f60gn0tv5m4mxfdmh9a41z51czc2q9zn21jcba82395tghf1syh6a2zzv9v3h4xm7at6zeverj6wcan72wbaagkz7gfvze1qgwg7yskh&b=YPYmawAGpUkIEeEAAAPfCiX8HKmSyOYV_MPVCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame 30EE 2 KB
2 KB 36ms
31ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52a143739dec8bde162e97be97a1b7a0994174fb3b5298e81a2cb8db4a96c1da

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671867c068eb536a-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4569 1 KB
749 B 11ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:09:05 GMT
expires: Tue, 20 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 80282
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 69C2 0
17 B 49ms
48ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJxtaaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE5QFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qrObXHi1p-PU5PQnT6uAmPzi8ngAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjU1MDQxMzM2MzYwMjU4OA&sigh=PVd0AMjxt3Y&cbvp=2&vis=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Jul 2021 01:27:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 69C2 0
39 B 16ms
15ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gxrh5ybj5jqhd67590wg802mhzgeg2nwn16j6thv5wwgk80j4henvghyq38b6x98p9dehgzqdgkqxzcap21j7v88ep1ghhddsygfjtmd96vkemt3ya9y6hb87mxbahw26hh6z16nd5xmbe2bzqhw960ex1mewz60e9ke0qh5hdy4718zt68gnqvhek807fjfmz8h7j4d7dqknz2vkvwg15cyym17xrqkw7y3jwkv5fmd0npakt8jpc0skapn9way16c3bh9q987q2f0dmrjs8w1x43wtvnd9gbt2mqya5adts6zx6zj2syynssjrzhat2hbrb20x5bhs104z9c9fkzpcwym7ejtpe22xkwd49yd2evkyp07q2bm04ebf3thza72a9rydjbxg236&b=YPYmagAOGBwIEdj3AAqEYrjgeMCHdpxXE14_LQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031632&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426762&bpp=18&bdt=37&idt=133&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dec793bf0c2187921%3AT%3D1626744426%3AS%3DALNI_MYbqxCjwxlA1thLxrOPIMQV2dJsBw&correlator=8344256082548&frm=23&ife=4&pv=2&ga_vid=1377316366.1626744427&ga_sid=1626744427&ga_hid=1951837403&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4985&biw=1600&bih=1200&isw=728&ish=90&ifk=4216344621&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=53401674924345&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.caxd5gv99zqh&btvi=1&fsb=1&dtd=148
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 2345 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eb7e4f160f645b4d742bcbc47bc5c9115a8d78fbc04862a3ebcafd4cc0cca00

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3803 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15f91bd8c0acb5073982a90f2b66a2cd626a5f4b09ddede8448b81131bd01d17

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame C796 58 KB
7 KB 14ms
13ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1868089
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMWDDPZIzZPeJ0xDvbbjxwztyINYqKfCBkNCFY172gP1ltGMmj%2BgFTtw%2Fh%2F5YYB4Xq0ORkvhTj%2FhOrp8%2FXh6gfWCcZskqm3MhHYZfReTNNgxevN0ja7OxuKyuPbmsoSlUqhtZEo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 671867c119c8536a-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 r62eglto.js Show response
ad4m.at/ Frame C796 36 KB
13 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a37ceca755265b121a604484e994dabd38d5061fbf524b7fbff789e7ae5423

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Yifx+w==, md5=dYxhy2ipXS+j9p8i0KpDgA==
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47898
x-guploader-uploadid: ABg5-UxreyhrcfN7xScl9xTXe-G67tc6hbQ1tHnoI5xVH4ghNOkQ9sF6ds68T76UCmvWI5lNWXSj9BXUSy_B3ceUfd0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:07:55 GMT
server: cloudflare
etag: W/"758c61cb68a95d2fa3f69f22d0aa4380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5ts902q3QWoEfSLLIAV8KUiach77xfpmAivJwGUc9jA4IUFkltpTvsnZEHTpgnEsg29y0FgrYcKTYuY4XHypYf3rDpS3eKevz0Z2qV7hGv9UWtIxPYugwCexVsrj15ZZoQ%2BxzU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672475536814
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11941
cf-ray: 671867c119c9536a-FRA
expires: Mon, 19 Jul 2021 12:08:49 GMT

GET
H/1.1

200
OK

request.php Show response
hal900010.redintelligence.net/ Frame A008
Redirect Chain

https://hal900010.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=2ca6f70387&subid=&uid=ae96515f972e07cb&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900010.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=2ca6f70387&subid=&uid=ae96515f972e07cb&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

140ms
82ms

Script
application/x-javascript

138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=2ca6f70387&subid=&uid=ae96515f972e07cb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2718181221537764460%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_cid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=1353676706926&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9f003a05d8863b30a787ef57d34a16986d4aaa37dfebc6124e9abafa1426050d

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:07 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 44789400007836600951401011661010
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Tue, 20 Jul 2021 02:27:07 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=2ca6f70387&subid=&uid=ae96515f972e07cb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2718181221537764460%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_cid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=1353676706926&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 20 Jul 2021 02:27:07 +0200

GET
H/1.1

200
OK

request.php Show response
hal900026.redintelligence.net/ Frame 33D0
Redirect Chain

https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6b7ff5cab3&subid=&uid=7531a32c07f8b479&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6b7ff5cab3&subid=&uid=7531a32c07f8b479&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
938 B

325ms
269ms

Script
application/x-javascript

138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6b7ff5cab3&subid=&uid=7531a32c07f8b479&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D412338212324070789%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_cid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=6366811125776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b73469b479ef6adebac93a946f8b231ff558fd95338589aa5b8d4f23e67f132f

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:07 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 79963400008673800951389011661026
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 332
Expires: Tue, 20 Jul 2021 02:27:07 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6b7ff5cab3&subid=&uid=7531a32c07f8b479&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D412338212324070789%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_cid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=6366811125776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 20 Jul 2021 02:27:07 +0200

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D72A 0
0 72ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkBIxpBXqjJSWM6OL2xGJyLq0GKJsDv5SbD6Kx1wkJb19cLsQZn85fMzng5U8MhqPJHUFSUZOHSsQSl2qH5KQouisidf2fqiG8GsLUjB3NmizyHbBd6bLGaq417RbRTWIwGPB2VZjbEFMhXAfwIHSn-e6ZW3lMfUJm0wrfod0Sa8sPe50jo1RCLVbZspfolNTYTL7pJnIxJhGcXQRwXCb3HZsXRwkfjtPWFjFAJBrcuO_P1kaOsrIO4EmngMIqlh1Ao64ebUBEQ6jxuLyg4Y4znjXlQAwQFhmZEgogJ2yimT1wsJWfvQkTcn4OCUccuUaBKpyJ3akes1-jtM11GEc4dYQ&sig=Cg0ArKJSzNIeNehIrbv6EAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D72A 11 KB
8 KB 31ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f9bb84637e570ce691770e160844af4301975652065181933d8d6560ea6613a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8478
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 335B 35 B
462 B 11ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH81GGQmkFgq872mr0JeFec&google_cver=1&google_push=AYg5qPJ-V2FN1PbtpVMgwT_mgcOGa-YYVYrbzmEnMlQJn_9kcMkyk2obQ2pDJw-TcuCEkVO7Sob_fCNP9HuIT-ATkdrWIpcfjxkjTg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 335B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEN342So-FjrWaRxjG1cvJy4&google_cver=1&google_push=AYg5qPJ3n0Mq4ydEzEFBcN2xwM1YpZ3nI0dBqk7E7QW5QUG6S1V7NX0M63gkRIRlUeqsEc1iIiKWeD8VUMdtCpuns6F6NH8uJCe8MQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=040786244751487795136B7212E06270&google_push=AYg5qPJ3n0Mq4ydEzEFBcN2xwM1YpZ3nI0dBqk7E7QW5QUG6S1V7NX0M63gkRIRlUeqsEc1iIiKWeD8VUMdtCpu...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=040786244751487795136B7212E06270&google_push=AYg5qPJ3n0Mq4ydEzEFBcN2xwM1YpZ3nI0dBqk7E7QW5QUG6S1V7NX0M63gkRIRlUeqsEc1iIiKWeD8VUMdtCpuns6F6NH8uJCe8MQ

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 01:27:07 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=040786244751487795136B7212E06270&google_push=AYg5qPJ3n0Mq4ydEzEFBcN2xwM1YpZ3nI0dBqk7E7QW5QUG6S1V7NX0M63gkRIRlUeqsEc1iIiKWeD8VUMdtCpuns6F6NH8uJCe8MQ
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 19 Jul 2021 01:27:07 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 335B 0
191 B 36ms
34ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOIxVO4H6cBvqD5AZphFOdY&google_cver=1&google_push=AYg5qPJdhV13hMoAJ4lv6x6UFIU-6v4xmscM7kFmIZNrAKOuPNKvEptOTOkBIdUo1eZePGrmKidPsswm-e7LOKv1MxwLTabKGAh1Hg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=830827601&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427205&bpp=8&bdt=110&idt=163&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1949446809.1626744427&ga_sid=1626744427&ga_hid=620062799&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=709&biw=1600&bih=1200&isw=300&ish=600&ifk=1410655490&scr_x=0&scr_y=0&eid=21066431%2C20211866&oid=3&pvsid=1581679106397401&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3j5giev5bxqy&fsb=1&dtd=176
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:06 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 335B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJc_5yaqQ-567EYkM8PbcMk&google_cver=1&google_push=AYg5qPIf4864_GikikK8DGmfmZ5WNHMaz5cYxCBFJjdIxhvehCgsE4GTZO3lzpMTvTeuN77g2DdxcF923A_zl_...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjgxNDExMjkyMzA1NjI3MA%3D%3D&google_push=AYg5qPIf4864_GikikK8DGmfmZ5WNHMaz5cYxCBFJjdIxhvehCgsE4GTZO3lzpMTvTeuN77g2DdxcF923A_zl_h3iz...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjgxNDExMjkyMzA1NjI3MA%3D%3D&google_push=AYg5qPIf4864_GikikK8DGmfmZ5WNHMaz5cYxCBFJjdIxhvehCgsE4GTZO3lzpMTvTeuN77g2DdxcF923A_zl_h3izxPZMlbkMe_DA

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjgxNDExMjkyMzA1NjI3MA%3D%3D&google_push=AYg5qPIf4864_GikikK8DGmfmZ5WNHMaz5cYxCBFJjdIxhvehCgsE4GTZO3lzpMTvTeuN77g2DdxcF923A_zl_h3izxPZMlbkMe_DA
Date: Tue, 20 Jul 2021 01:27:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 335B
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIojBJun4nf681Z2Ic685AM&google_cver=1&google_push=AYg5qPJCH1xlrsiDnBO1D_fC9igRLbAY01pRbRG3DwdJpTITaDMFfxwUE3P8Vrfwsq3XvEPTVZJ2h_XPDhIkuLsk...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4g8JqqE4R5mKfJAxrqSjRg2&google_push=AYg5qPJCH1xlrsiDnBO1D_fC9igRLbAY01pRbRG3DwdJpTITaDMFfxwUE3P8Vrfwsq3XvEPTVZJ2h_XPDhIkuLsk9eN9iqrCLYo7QQ

170 B
188 B

35ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4g8JqqE4R5mKfJAxrqSjRg2&google_push=AYg5qPJCH1xlrsiDnBO1D_fC9igRLbAY01pRbRG3DwdJpTITaDMFfxwUE3P8Vrfwsq3XvEPTVZJ2h_XPDhIkuLsk9eN9iqrCLYo7QQ

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4g8JqqE4R5mKfJAxrqSjRg2&google_push=AYg5qPJCH1xlrsiDnBO1D_fC9igRLbAY01pRbRG3DwdJpTITaDMFfxwUE3P8Vrfwsq3XvEPTVZJ2h_XPDhIkuLsk9eN9iqrCLYo7QQ
x-host: tde-deliveryengine-production-7fc948674c-nw2hr
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 335B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELSarXGwlH5yb3mA9muI7ZQ&google_cver=1&google_push=AYg5qPJemsQ9FVZb6tuozY9zigixLbOaKrMwkvF43hcJtAKA5KJfwWbL2UeFht2QBeib-E3bFXpJqJtmbZcl0rtqcA5Y6Z9...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJemsQ9FVZb6tuozY9zigixLbOaKrMwkvF43hcJtAKA5KJfwWbL2UeFht2QBeib-E3bFXpJqJtmbZcl0rtqcA5Y6Z9qPvYR&google_hm=NTEzNjM1NDExMTEwNTg4Mz...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJemsQ9FVZb6tuozY9zigixLbOaKrMwkvF43hcJtAKA5KJfwWbL2UeFht2QBeib-E3bFXpJqJtmbZcl0rtqcA5Y6Z9qPvYR&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 01:27:07 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJemsQ9FVZb6tuozY9zigixLbOaKrMwkvF43hcJtAKA5KJfwWbL2UeFht2QBeib-E3bFXpJqJtmbZcl0rtqcA5Y6Z9qPvYR&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 335B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPK0TcE4BBEEpuy-7lpSVjda9hrztqFRu1LaR899py7Z8bRKesCykZQY_Ju0mUEJ1mp2V5nl0i83...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPK0TcE4BBEEpuy-7lpSVjda9hrztqFRu1LaR899py7Z8bRKesCykZQY_Ju0mUEJ1mp2V5nl0i...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPK0TcE4BBEEpuy-7lpSVjda9hrztqFRu1LaR899py7Z8bRKesCykZQY_Ju0mUEJ1mp2V5nl0i83LIiUgA5Jx-ZT5pERx6XEtw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPK0TcE4BBEEpuy-7lpSVjda9hrztqFRu1LaR899py7Z8bRKesCykZQY_Ju0mUEJ1mp2V5nl0i83LIiUgA5Jx-ZT5pERx6XEtw
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 335B 0
12 B 38ms
37ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2Q9BidaToIrVlji9ZD7kj209BwSxBCipZvrHXVvtuIdFhcgaSQ5z5uJHuRENGDrNOGoel

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 30EE 58 KB
7 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1868089
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lW2xuCvrigUCzDo%2Fmg37e9G0Vg27d%2F%2Fc%2FwVBq0n3WKLgLlf7bTFgim4I3N0dEb%2BiFGW7rU9pCaGF56mPlhccFAMoZ5nfQuXpfgbXect3IzGq8d%2BhHGaSTV07VNLZi%2FEzwe6oLOo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 671867c13a09536a-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 r62eglto.js Show response
ad4m.at/ Frame 30EE 36 KB
13 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a37ceca755265b121a604484e994dabd38d5061fbf524b7fbff789e7ae5423

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Yifx+w==, md5=dYxhy2ipXS+j9p8i0KpDgA==
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47898
x-guploader-uploadid: ABg5-UxreyhrcfN7xScl9xTXe-G67tc6hbQ1tHnoI5xVH4ghNOkQ9sF6ds68T76UCmvWI5lNWXSj9BXUSy_B3ceUfd0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:07:55 GMT
server: cloudflare
etag: W/"758c61cb68a95d2fa3f69f22d0aa4380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWUOjZP4myWxlaYyPbXih24eaGt1xguQW4Cojcsk2P9sYCzAO90S31wd4ta2WOrZAHzy2IC1K2NangcgIcG8Rv0CJFaVciz45dMnlF2cTZnDApnLRIknUh%2BlW4ppYblKSZGc0O8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672475536814
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11941
cf-ray: 671867c13a0a536a-FRA
expires: Mon, 19 Jul 2021 12:08:49 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4569 35 B
462 B 9ms
7ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH81GGQmkFgq872mr0JeFec&google_cver=1&google_push=AYg5qPIy2QXJUnKd7NSUJhJAObcZJbwKn5BmMr1UWQtCES0DLqtXtvgBZfn0JLov_eLT31n0ReowPhGFzE5V-SMJSpczzJFGou0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4569
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXZzTkRjYnQxTTVFeGw1&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKwWKIRthkt1-NuVgTr6pFt44SkcjeQwrE8BKr315r...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXZzTkRjYnQxTTVFeGw1&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKwWKIRthkt1-NuVgTr6pFt44SkcjeQwrE8BKr315rnbyJnyEzy140GJ36d1D5FW02b4W0eefFvz0mr0mbXeAViZE9iLM9Z

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:07 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0b5388877fe362141@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXZzTkRjYnQxTTVFeGw1&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKwWKIRthkt1-NuVgTr6pFt44SkcjeQwrE8BKr315rnbyJnyEzy140GJ36d1D5FW02b4W0eefFvz0mr0mbXeAViZE9iLM9Z
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 i.match
a.tribalfusion.com/ Frame 4569 43 B
708 B 177ms
165ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEFEwUYoib-KZ3DX5WhgcwZA&google_cver=1&google_push=AYg5qPL_oeTJiLgaAM-6_bJahFF2z-Whadws3jq_x8McxGGBz1qt8h7VIoFHV5-S_wkBUIo4oXKbmjIXKLhrSB9v6y0HhAUgvP4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL_oeTJiLgaAM-6_bJahFF2z-Whadws3jq_x8McxGGBz1qt8h7VIoFHV5-S_wkBUIo4oXKbmjIXKLhrSB9v6y0HhAUgvP4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 671867c15ebc1786-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4569 70 B
264 B 39ms
36ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHeXKBJIHbio5qf0dAcEBGM&google_cver=1&google_push=AYg5qPJk2H7tbOE-KYFoKBmvGnxep7-l3yk6dutgKgq4MCUYairkFiQc6t0WN0YknGsKJQTg6Gu77c7PhTmTzhoMAsYOQso8Rqso
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4569 0
191 B 37ms
34ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOIxVO4H6cBvqD5AZphFOdY&google_cver=1&google_push=AYg5qPJLWq3tOAYAWgbCbOWejbgkphy7Ti3r0CeFRb4Xoo5z0OdrNpmCraRe_Au_ld2RatzzU-8zmYhrg11Gtdaa1_4yF139NQ2t
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4569
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPKrTK2DJ1z6RcMiGlMdz4Izj4DDYvgxBqd4JEWIDVEqnvnut8i3nn68ORrBbphblm0e5rt4h0sKmsl4SgbQKAXD...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPKrTK2DJ1z6RcMiGlMdz4Izj4DDYvgxBqd4JEWIDVEqnvnut8i3nn68ORrBbphblm0e5rt4h0sKmsl4Sg...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=64218ce4-4c29-4390-81af-6cb3e21b2d8a
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=64218ce4-4c29-4390-81af-6cb3e21b2d8a
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a7fbe8fd-726b-4934-b533-e2b230ebc22f&user_group=1&ssp=google&bsw_param=64218ce4-4c29-4390-81af-6cb3e21b2d8a
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKrTK2DJ1z6RcMiGlMdz4Izj4DDYvgxBqd4JEWIDVEqnvnut8i3nn68ORrBbphblm0e5rt4h0sKmsl4SgbQKAXD3QvKMKA&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKrTK2DJ1z6RcMiGlMdz4Izj4DDYvgxBqd4JEWIDVEqnvnut8i3nn68ORrBbphblm0e5rt4h0sKmsl4SgbQKAXD3QvKMKA&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKrTK2DJ1z6RcMiGlMdz4Izj4DDYvgxBqd4JEWIDVEqnvnut8i3nn68ORrBbphblm0e5rt4h0sKmsl4SgbQKAXD3QvKMKA&google_hm=ZCGM5EwpQ5CBr2yz4hstig==
date: Tue, 20 Jul 2021 01:27:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4569
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPL2jwbDhSHY4pFdwtPL6jIJCIdxefhEs7rZ3qD0-Um_3NRMcdfyKwhOOIE44RDeg_UZ0A7EdJt3...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPL2jwbDhSHY4pFdwtPL6jIJCIdxefhEs7rZ3qD0-Um_3NRMcdfyKwhOOIE44RDeg_UZ0A7EdJ...

170 B
188 B

35ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPL2jwbDhSHY4pFdwtPL6jIJCIdxefhEs7rZ3qD0-Um_3NRMcdfyKwhOOIE44RDeg_UZ0A7EdJt3cIOSts0bi4cnIONbGckY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPL2jwbDhSHY4pFdwtPL6jIJCIdxefhEs7rZ3qD0-Um_3NRMcdfyKwhOOIE44RDeg_UZ0A7EdJt3cIOSts0bi4cnIONbGckY
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 4569 0
12 B 36ms
35ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBQU8I_NQxMmeA0veJWwrNelLdOy8ZMRfaP0az2p-R6hf8LtKPifeqP4SA50OkoV_DRKW7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031646&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744427288&bpp=5&bdt=144&idt=126&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b-22506b8170c90003%3AT%3D1626744427%3ART%3D1626744427%3AS%3DALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=1017264782.1626744427&ga_sid=1626744427&ga_hid=1130323779&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=4416&biw=1600&bih=1200&isw=728&ish=90&ifk=2666452450&scr_x=0&scr_y=0&eid=42530671%2C31060956%2C31061746%2C20211866&oid=3&pvsid=2477018438646739&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1v6cwtvtqugc&btvi=1&fsb=1&dtd=132

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3-29 200 rs Show response
ad4m.at/ Frame 00D4 1 KB
2 KB 39ms
39ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11d2bb6c2aeb4bc39a432b96fbe5124f2c15bceede9a9e9417c2561dcc4fef4

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j8573afd4m3zsa12fr9p9ggjm4tgx81qds19vz757q0m194gy1tm8xch2ea5n0dgf10evn02atfxmjhb2tr3hcy13dfm20awxdq4ja84kns684p2kwynqbxzkhk2x8682saqgdss9h73xybvsnb3hyy0s5gqjq0zthrgemghrhcaj2z05a1baj7f3dwzt5j2qs6xy8fng0wfy5fc6rbgpyj1gw8rzxbqcqkn7c0m7e7ezzzqfak2g10bnvjpghkth8rek00hk9svkct6ccq9xwd14bef29n7tmsrmf8zaspcqq88pep28ejzrnnfd0ee47g5b9svxqjmvmfwsm51pfd13bf3j7q7md9swgyx0pp816pf1v7g40qrndm9ebz2r13mp2kaze2v1pv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 671867c15a1c536a-FRA
date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msMp52AMs%2FjtcG4qsHuGy9gwWZuqOYK0n4U02udSSOodCnne%2FmBKlBAjleSJhbQ%2FypTefvtYOfdC0H8Gn1HA%2BKw4VTzqwWATZwRpCSLYP9f%2BRweF8cAgP7OzyAxyMLFHyxWyoII%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C796 3 KB
4 KB 22ms
11ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3502045
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NGMpJrG3WEFoCxysYh5yLC1tM9o2RcaciUh8J4J4EbDE%2BIu8EDybU5cK54o8k3TSNCIuMyL5vbiIUHoqUDMsz4wZOLjDxJv1RJG6t%2FeukVfj0LrV6zPIT1Ya%2BoO3rPpwF%2Bx8Bqfc6Z5G1MrkyWQADonhw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 671867c169664e49-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame A639 2 KB
2 KB 15ms
14ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 20 Jul 2021 02:27:07 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2262670
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDa5AO9Y3TD67%2FUrFF8pMNhCbp%2Fpe2Xu%2Fg%2BU%2Bkz60rAeHO1U9AFW6r4hnTUpe5xYnpWgfnesIkuVi3XdlbYmOKWZh3JeiR%2BcdIjK98Mx%2BkdgiWj9HuaBROzTk2QZFOn3Ms2lb6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 671867c15a26536a-FRA
content-encoding: br

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 30EE 3 KB
4 KB 11ms
10ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3502045
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2iqSZiQudBEI2bzuTT0EpZr7eaAm2RsQyuOesfeB7fcjH029AvM5M78aV7IvzZFELHSHOLQum7Gt6kvpyxpFGd1b%2BG9IBYkT%2FOwDU7WA1%2Fev7IUy%2BxjLKXua02mshXIy0a2wA82Tk05yvXbvevjYn6rtA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 671867c1696f4e49-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D72A 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame DF35 2 KB
2 KB 16ms
16ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 20 Jul 2021 02:27:07 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2262670
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKiWJygY6%2FOuIXE5MWhhk3djYqGB2NouOZUazbsh%2FhR0sWpMTFGr%2Bg4C%2B%2BnBuuceA%2FZ5Bfsnp4AYWfxxVey6rPvu3G54YzWMg8sBCgurc7zVafuNTvUxJmaHdLAYLFTusn1y3a8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 671867c17a3f536a-FRA
content-encoding: br

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5947 0
0 58ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss78J_m5Uw4w4hJTIDtZiqoe3uLgN9RDlV2Px-QiY-nxKX07QC0vy0vbsHT_6OgySG0jfE4yYFBx6Qn1hDcfSCV4k8_DotTOg-lej0crFVF_CpyX6e5qqHd6cv39Ws39JPjWO83mirxSiZ0LAgW8Rq21DpUVtUDrSStH3IcCKt3HnSFR7qNA4GgHMIj70RL07fGrISd5_e808Nt-0fhz9Buv3v0VyeSR97ZQbMIgZIlEyi8_stoq0C01h45WqpKgoSerZkKDdr1B6Yq-CBxSnaN8iPbaSuuo87xt0MjenNytoa7MZvrbGWA6kZ6c0quq93d3JMa7-PmOny3r69m7SgEoIg&sig=Cg0ArKJSzFwy2436CjxNEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5947 11 KB
8 KB 26ms
26ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

988a50924f595829656cde568a76d7fb47d18b737ab9352f852cb679d885511c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8554
x-xss-protection: 0

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 087F 10 KB
4 KB 23ms
22ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

293f545fb50bc98b8db534cdc41ab3825c6316e112a4b59a3718c0d4cf98c871

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671867c199fcbedd-FRA
content-encoding: br

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FE3D 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 01:12:56 GMT
expires: Wed, 20 Jul 2022 01:12:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2E74 783 B
533 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47f0b36fb66ab2eff5f188a0b9ead47bf78163df69fef45872b809831a6dfbdf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UYZIkBMwTySamqoQW35i+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

expires: Tue, 20 Jul 2021 01:27:07 GMT
date: Tue, 20 Jul 2021 01:27:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-UYZIkBMwTySamqoQW35i+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F5A 0
0 59ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvcj7HSyJchQvr9y8DzZs2fnV965Fa8EDnZ2KwHKPZ20OLZPcBPibwdyW2ehC-S_GbpDpd8l_6SZ8WxstHvF9z_HQkboPpzn4i6fLN9Sur_KPQY2eOf-YbhvpAhsiuFwSR6ZjA-VcM8M2xmaU7PltJ5c8d61JRkD99K1svtqtM4t78v5saDGh1ZO1v7kWT6S3KI3jLnGDGowPvflNkIBeK3nRg9uM2eSU0WOpZ01IFo-eF9zCTurqfxP5c-OZg3syC7Ibemd7IJXB0e3hkbB1PiKkwoeQU4L5k_0SqUXuIX3ZOOtNU59W-bwJSefZBmR9Vsxj_vrIwuWUhlYqlh1Bz_VU&sig=Cg0ArKJSzPiEgTTqA0BfEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3F5A 11 KB
8 KB 20ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7089e96f05686093215e5dd945ac9af8f8a6d4ffc29edd0f07ba740100bd795c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8538
x-xss-protection: 0

POST
H3-29 200 rs Show response
ad4m.at/ Frame C796 1 KB
2 KB 34ms
33ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953fbb986c03c4c97a3d7ddc83c049cb2023f6ac7df4c5a9a4efd8f3770065b0

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jbszvvj7a82mwpsxd3k9j098gnxb6xghzfqkwt70dz4tnh72b32r2bh29447wy5nygdw4s28wr5zmxymkpqf7r2jv8xddz3t15byp9w6hmsh5xdk02vfkeh2b602jzvng64txb0p3hq68e91rmemha3kgwszvmwqeyst2sw3m4jthax2s7egz2t6ar6s1zn2akx323z73059j2yjxrh9g27bxv96nwgmmdzd38mh8r81dcew7jzmadykrrftstwc5pj6f3cfk4qm78t3v102cc1817dqmmwpry9nzfj704e0mbf4acxzp6kdtn1es2cs3191k9ye2pg2h87cdk5btxatxsfzjwbfc18tdxc1tc12ka8tgeaj08e6hnejyst62h6jn1b8zk9hfa0eg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 671867c1ca90536a-FRA
date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irN1LhS0bTfdf7bVQhzatDXHE6TRScbr9%2B9ix2MrPkHd0m0oL4Z3kTYVQw0tjRnCXxFF5wBK%2FJzZQ8YvcGvGPjfQHKNF3rVpemaTQYb4xaNWtXfkCr7SOWJ%2B35sWpWLfMsL1kHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5947 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1BD6 28 B
54 B 21ms
21ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e6f52918/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/TnrAdwhuY34?cc_load_policy=1&hl=ja-JA
X-YouTube-Client-Version: 1.20210718.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtkYUVDN3V3cDV5byjozNiHBg%3D%3D
X-YouTube-Ad-Signals: dt=1626744425135&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C780%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKpTMdK99jMJ9EeV-S02KosyNMpqkaUlNLfbE3DZ60qZAmGBien9jOl3uGSAJptij0zzwq12qyRmu0M2Vf03y4Mi9TNN9Q

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F5A 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 087F 64 KB
8 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 663765
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 671867c1fac8536a-FRA
expires: Tue, 20 Jul 2021 02:27:07 GMT

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 087F 12 KB
12 KB 28ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 371868
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdt2ltdBJG1djQpMDluASb2oKfYAfqyx2BVrDREx9LB7NjkhIXkRrWIkEog0CiAqD5f328LKeUGNtnGkVBSXTwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTcboPF%2Fc16OMoLAsFkdO9hi34Fj9aRHFvDqlZ4wdtGehoLWeqtYs%2BBeTpMKImZ1GguaBbsaYnco48tEOHBgPPtytpjKzp%2B%2BNgQkDR7%2FiEhNHOJ6w0pm3p8j%2FqrAJqzfsr2NolfXiMmzPbA5"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 671867c1fa07bedd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 087F 10 KB
11 KB 27ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1503594
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdvTmCmAav2YP-0KbTU-pyv9yOICGDqJKQpta-nVyAFvzcMh3gtVcLa2SKjESwYy9qWQ2TmKooF-IfD6y5LdxGg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxLvaisqBdHTK%2BHu%2BYdna%2BdAGNfXM8SOvp%2FixW8m6Z%2FRzz18lRPBZa5vOrtcWO3o75%2FGY8djCm79AHVKYYdp%2FyNDAlYk%2FvreIIDPvDbyKqCKwejxSTCgLWzcjbZX%2BP89htnw00%2FUGkT2PZOG"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 671867c1fa08bedd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 087F 8 KB
9 KB 33ms
32ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 377232
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycduv9d6SN_nTzdCf2v8Rr9cE78kujZiUZV__ouu0ncEGoz11OvFi3Q2C0tQ5qaNOj5oYsQ-bqhyCda3xicu0IBjciow1bw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIzYTTvgSqZp%2FfnoG2GohxRn2qBkKPlGog24IvdFAITIhng0slb8NFuW08NbE0DBqrvozoTCncP47g%2BNYHVzBX%2F4P%2BTjvdnlowqfLGLqYv2jMo932b2%2F7DjzDIeF1jj8BS%2BZjHax3LSudw85"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 671867c1fa09bedd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 087F 35 KB
35 KB 19ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 90133
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ABg5-UxByVwNkQkAk3u0uKVPzeppfF_Ksb8RJZWrj86wNMtopXtW4BUoyOWDFOYB9v9bfFR-91W5zV2f6_Rp3ZGFgVDJi9ox0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5AvPLGZGDp%2FLnqvbYnbytzHK3VjezcQJXK%2BF29yTS7fAODptKtClba9qtpXJ2BZMQNid%2FiWcTUYELIkvM02quy9ByUI6xLnX3KD%2BdBF1SCmReHSdYcnLi47LaCANRT3KhSdOBUaJrh9jR1Z"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 671867c1fa0abedd-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 087F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPvwj56_8PECFf3REQgd3k4Pjw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1Eoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&gd...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_9948fc10-e8f9-11eb-ad65-692d0665ba09

0
517 B

114ms
28ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_9948fc10-e8f9-11eb-ad65-692d0665ba09
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0

Redirect headers

Date: Tue, 20 Jul 2021 01:27:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_9948fc10-e8f9-11eb-ad65-692d0665ba09
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 087F 38 KB
39 KB 31ms
29ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 379689
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHN%2B5lduiq5okPnMP3PEzPi%2Bvsznjv2bz5bJq6gAiqkuVpM9%2B5msVcohpnCw1SNhk1pe7Yu2wkWnAaPRz%2BS1kFEAj5ObavhEPqjcWz6PMWvm7ZT%2BeyRA19pOjClqJQqODo4mJ%2FR5T%2F8PaanW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 671867c1fa0bbedd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 087F 113 KB
113 KB 20ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1144116
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaDPQ8xLhOeSnHVo6lLHLk0nnX%2Fve%2FZCSybl8Sik8gRSnCOK%2F8ZEcyOIW8HSfZthNITqwcsIT6NFiZAE%2B0SURcmSbiQbuoL6C1pJvPJbcabCt0AY9YWax%2F9%2F9YxehmPOVOkuLFhpBEbkPQ5G"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 671867c1fa0cbedd-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 087F 43 B
704 B 116ms
57ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkGoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:07 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

POST
H3-29 200 rs Show response
ad4m.at/ Frame 30EE 1 KB
2 KB 37ms
37ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e198d9d3c9a82dd010e323b63db78fa00133b029ffdee325714798321be641c

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jzymkp87yt1k360j7bwt7bk81qyhe4841a6j67mxwmangyck6n6b9352naz4rf4fdgr665p56mpxk2bf8f4ea734wwz8jyz018t566sdffvwrnnqw1xys6t9najtgkjs5f6zck7bkadga60eycnrx953n5n560mapqbcaacf42wjqd52cb4dzmdj1s95fx6hvrw36cwk9ykn89bke4s0cnryftfv1z3017wwkkxcxnd471s3ne8bhkz8ee1pm126p5egpcy5rxbyzvhyx4bw6w8abc6n7rn3bbevcmren4vdv54dnve2amhdsynesywycrh544fz6e20n7n49j9d565zceyzxqk2kq6w4n18sgbx23d3yhjyfrdq7h8rs6c6568h0tr910m0fs3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 671867c1fad1536a-FRA
date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UO03Vux4edR3E0NKEfGwTtOhMn%2FTUNhsdYbNqMtWw25wI0Q7KFLNs9mlIAmfRkPiZUhoah1WPgd4wLXKbHs5ataZ%2FfXN3U10gvsVSIizrgBlD4cU0whiJ1%2Bz%2BfH3bv70u0cNb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A1B7 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 01:12:56 GMT
expires: Wed, 20 Jul 2022 01:12:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DDF7 783 B
534 B 18ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b753b846d0c6ede4871bfd53617c04b0d42d426b739599bfba127fb5cba9f18

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IGUJS4dB8FKySM5CWIQq9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

expires: Tue, 20 Jul 2021 01:27:07 GMT
date: Tue, 20 Jul 2021 01:27:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-IGUJS4dB8FKySM5CWIQq9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 164C 10 KB
5 KB 22ms
21ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c8faf87627d1a9ce0d8d3f5c8e9dd01feae48ff39753062e010f5314d4f4f5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671867c20adc536a-FRA
content-encoding: br

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame FE3D 35 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 087F 12 KB
13 KB 186ms
102ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: bce7683eefbbfb282a4d432b75bacee6c6fa09a6f781566c02708acfa3fe8db3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:07 GMT
Last-Modified: Tue, 20 Jul 2021 01:27:07 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F9C3 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 01:12:56 GMT
expires: Wed, 20 Jul 2022 01:12:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7B58 783 B
531 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8f19e57d22d8d09581958d4d3ec39a5379fad9cd9a1bced3ba574212f29e4b0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fAdOHQeuFpMHtdhWmk4ipQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

expires: Tue, 20 Jul 2021 01:27:07 GMT
date: Tue, 20 Jul 2021 01:27:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-fAdOHQeuFpMHtdhWmk4ipQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 600F 10 KB
5 KB 20ms
19ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642fd9e48076f64b7e1f6e063639642a620bba3ed4c3ab6834f01562eb2644b8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671867c24b3b536a-FRA
content-encoding: br

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3F48 3 KB
578 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=1200&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.05893240074299699

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 01:08:08 GMT
server: ESF
date: Tue, 20 Jul 2021 01:27:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 164C 64 KB
8 KB 15ms
14ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 663765
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 671867c29bbf536a-FRA
expires: Tue, 20 Jul 2021 02:27:07 GMT

GET
H3-29 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 164C 12 KB
13 KB 21ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 371868
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdt2ltdBJG1djQpMDluASb2oKfYAfqyx2BVrDREx9LB7NjkhIXkRrWIkEog0CiAqD5f328LKeUGNtnGkVBSXTwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdC1mUDtiYctrelUNhIfl%2BE9Q9EY38WVRytFC4kg5P5Z1qOV41fFiTPmtWWw16ilnGsRwQnHEs%2B8HXXUlqo%2FioqoJFxCxWCJ%2BR2GlUVhhqDLEIIxPgMyTa3TQT3vVYojwK%2FedPphWqnzKpLS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 671867c2abc2536a-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 164C 10 KB
11 KB 22ms
21ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1503594
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdvTmCmAav2YP-0KbTU-pyv9yOICGDqJKQpta-nVyAFvzcMh3gtVcLa2SKjESwYy9qWQ2TmKooF-IfD6y5LdxGg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MQw%2Bk3czkvMMDFLxvdq4ZuGMuLoVsilt5ymSyjJvLfnkvGCbnufwk3ptDmvYzeCMQlP%2BIH04dSiPRMRsfSkAmYY8DJR8Y7L4jgg%2B4%2Fawf2zxsvHwXcCGZzkXAzWqV18SVRa2Nw5Kz9qxFRp"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 671867c2abc7536a-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 164C 8 KB
9 KB 21ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 377232
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycduv9d6SN_nTzdCf2v8Rr9cE78kujZiUZV__ouu0ncEGoz11OvFi3Q2C0tQ5qaNOj5oYsQ-bqhyCda3xicu0IBjciow1bw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWuUZJScSvK2OMyjS%2B47TSpxuwP4S9EMdTC9GL16%2Btj8YOgPRUHiWtARNKb1DtmrOau2AODNEFmOJ1vq0rwPf8kvN1kXDNjs5lYtTNrQN3oCfsQ6oty86juLtCnJOhnKT4w1uXpG%2BNdyV8i4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 671867c2abcc536a-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 164C 30 KB
30 KB 15ms
13ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 372725
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdvnKjIT52i3dtGpaW91ZeuIivO6iMLcQnX31erpU_jjHQOzAkO8OMefFCjr864BULWgxb_nz1Wroqpp_EfU-J0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY24sRLc%2FzsnOqKxvs%2BA6t1E%2BlejOH%2BhCV3pwfwbx1oXNBruY9L3o3GLVLvtv69bMHjB1XIneXgMZ%2BQOQ%2BPD6Ff0JoeDg4%2F9Oa96ECjk%2FDbWEF0C9vKAjCaExozrAJKnfkFDcjkgx0bwrREN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 671867c2abcf536a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 164C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLLvlJ6_8PECFZXhuwgdrAwEow;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDkoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&gd...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_99504f10-e8f9-11eb-90c7-692d06cd5c64

0
518 B

86ms
28ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_99504f10-e8f9-11eb-90c7-692d06cd5c64
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 20 Jul 2021 01:27:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_99504f10-e8f9-11eb-90c7-692d06cd5c64
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 164C 38 KB
39 KB 34ms
32ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 379689
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUBvw5sdl8TsEPfXOpcCCkGdjwKm3AAb5O1U7%2BwycWMcM2IvLr1IBJ0pZ7T%2B9Fb1EQZVxLKpbSARct6itsfZuM3Tio2NaBv2UIadk7AkwcBSEq27X0juqi3mvHi1KoaRs3IFfL0jjdkWM%2F%2FW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 671867c2abd1536a-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 164C 113 KB
114 KB 24ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 20 Jul 2021 01:27:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1144116
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JncBTmL2H3dFVEbN4kwn8Ff%2BcL7I0fpb0%2FDedhvJ3Ihd9aQngawPHhq1BpnAUp24yHTocMN%2BgS5CxPNAQu7LtyZC%2BZi00z%2BF2f3g%2FSSTsdg%2BHivtSJSGAzULpwrUEExpEYF7kAiL74Raq%2FUy"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 671867c2abd3536a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 164C 43 B
704 B 67ms
57ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkGoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:07 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 3F48 1 KB
857 B 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:12:51 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame 3F48 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 00:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 6317884472378718772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 00:53:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 3F48 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F48 124 KB
37 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:07 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 3F48 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:08:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3F48 0
0 18ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQo8UCHlfrFMUiBf580n9Nuobs-_FtiOMawUfr4ZX_ys5ZsdgGQGyfrbBb9xP97xTh4WtyTpoqUAjO6se7BtYnubMVs4Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=1200&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.05893240074299699
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ef3ed83fa5244dfc7f7ca8c70cdace65.js Show response
www.gstatic.com/mysidia/ Frame 3F48 26 KB
11 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef3ed83fa5244dfc7f7ca8c70cdace65.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea13739a6ab669cc2f16a95685c1ed8c0fa771606e3a217cc2093b91103012df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 13:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10755
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 05:41:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Oct 2021 13:09:13 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 600F 64 KB
8 KB 15ms
15ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 663766
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 671867c30c78536a-FRA
expires: Tue, 20 Jul 2021 02:27:08 GMT

GET
H3-29 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 600F 12 KB
13 KB 13ms
13ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Tue, 20 Jul 2021 01:27:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 371869
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdt2ltdBJG1djQpMDluASb2oKfYAfqyx2BVrDREx9LB7NjkhIXkRrWIkEog0CiAqD5f328LKeUGNtnGkVBSXTwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE%2BaDtGpt3IEcmSHhPL8tV5w19U48kdzx8wFJFiXdqeAUN1SW1uWll9iCHdg2LTp0Mx8JTTyji76ZIh4kFi6%2F7R7dACAOt%2B6fjOlhN9JRSNXVT59uUlKjD%2BaqyFTmclDNXSa9HwGA6LcHMsz"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 671867c30c7a536a-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 600F 10 KB
11 KB 16ms
15ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Tue, 20 Jul 2021 01:27:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1503595
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdvTmCmAav2YP-0KbTU-pyv9yOICGDqJKQpta-nVyAFvzcMh3gtVcLa2SKjESwYy9qWQ2TmKooF-IfD6y5LdxGg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PtymSJIyAiGA8gKowJSOm5uDAPgjp2zezROlK5ICZ47D5TTrrMg9mW64b06ewWv6RHdDTXREONya74P5XGC%2Fh6YdcPugWi9MhHwmkDLC5LoBec9qQb321wIbTyqa5nlgnorey%2BfAPqYGHOs"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 671867c30c80536a-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 600F 8 KB
9 KB 14ms
13ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Tue, 20 Jul 2021 01:27:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 377233
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycduv9d6SN_nTzdCf2v8Rr9cE78kujZiUZV__ouu0ncEGoz11OvFi3Q2C0tQ5qaNOj5oYsQ-bqhyCda3xicu0IBjciow1bw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2xUy%2BLxO1NcYHaZ42bGwkB0ieUyGUaTr66FhU0TmOa6i%2Fq09QjOOhlYS6%2ByX%2F67UrB%2Fsz%2F8GBHc5hy5HnkFJCyWx75T992OKVb8dYZMGZYov8T5VWnmwYl7FdLo6ALK4JL5yWIdtNY4x3%2F9"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 671867c30c81536a-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 600F 35 KB
36 KB 18ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Tue, 20 Jul 2021 01:27:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 90134
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ABg5-UxByVwNkQkAk3u0uKVPzeppfF_Ksb8RJZWrj86wNMtopXtW4BUoyOWDFOYB9v9bfFR-91W5zV2f6_Rp3ZGFgVDJi9ox0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piXJWcw1H1577KCpULZm896kPv3jo9Wl0%2BJD%2BJM5H8rR%2FWZ4wQW6UMEtl5cnD2uNupVlvDM2K4zgLhBNslmskY1EvJrZEUDVHT3jivog%2F%2F%2BPUi2PV%2BC6HrEJ3AQNhH8OENqVBxzX%2FwjwunpB"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 671867c30c82536a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 600F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CP3vlp6_8PECFZbWdwodywABTQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1Eoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&gd...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_995901a0-e8f9-11eb-90c7-692d06cd5c64

0
517 B

34ms
28ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_995901a0-e8f9-11eb-90c7-692d06cd5c64
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0

Redirect headers

Date: Tue, 20 Jul 2021 01:27:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744428_995901a0-e8f9-11eb-90c7-692d06cd5c64
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 600F 38 KB
39 KB 17ms
16ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 20 Jul 2021 01:27:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 379690
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tntisnaj3ABl0BUbKxIQB8qOorGLvIGlXS2TF4C1kzJP4zgjb5Bv6DgtEsQzDO43l3TnBEPy2KtoT%2BOYDZbJU5BXgIOM75VfW8FGeNtNdoBXKHUaS1sDlOLPAOvUtsOtdyjxEVNFWE69tin6"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 671867c30c83536a-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 600F 113 KB
114 KB 20ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 20 Jul 2021 01:27:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1144117
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8EKvnsS7Oh03sUqo31naTNn6ppSntoYzn5BbG9qENjM%2Bu3pOiLjBHeTI0AqzjpM%2FGfBaBlBuGJZZymAgOBpvgyeTDCWJjptMhYNYXGeJP4mkI1TDJ9PYM1iZ4uFikXOqr4DY5yFr1bj1p11"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 21 Jul 2021 01:27:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 671867c30c84536a-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 600F 43 B
704 B 58ms
57ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkGoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK request_content.php Show response
hal900010.redintelligence.net/ Frame CAB6 7 KB
3 KB 88ms
32ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request_content.php?s=44789400007836600951401011661010&a=95b63d91
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=2ca6f70387&subid=&uid=ae96515f972e07cb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2718181221537764460%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_cid%3Decb860f6-266b-4b01-ae63-a68fc85a7ede%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzW9Rayb2YK_1A5-a-gayjbWgBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE6gFP0GtdJRFKjjLK2UKHrqAe7kmCOF5uM9K-B0PUdG_phw_Yxho3wmiee-1en2uIVhiBN6jCb6DHqeJIsyZZMIP0KS0JBnASO2KLmJjS1Kv3_xc7Q6K5cG2IMXwEVvSgZVvKlKOzf1BoKn4DH48F1bKkuM3n5MC2Fp1uqXrzTmQnNY4MoN683fPKFjyrvFGZBaTlNBJC8XzmqegUSwCH0xi3RSM1T-1IC2mUq8l6wqOXPLCQst3hAq55eA0RkmJ5O5iqZnMlJ3hQEz0cpcpoVATIuknewVs4KMj3sCKBF9TIhINi3Zy_DXcwBqSABq-L7r_z6_b4ngGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1buy-kiTd367zhgjM6BUgKxgNtGw%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=1353676706926&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: cf4dca73ba7ccf6caf531d557a7c1ff8dbf535364ef1caa224219db3631787af

Request headers

Host: hal900010.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=57245fdf6ad565d6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 20 Jul 2021 02:27:08 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2285
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame A1B7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A2C1 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=1200&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.05893240074299699
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=1200&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.05893240074299699

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 20 Jul 2021 00:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5766 1 KB
750 B 8ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:09:05 GMT
expires: Tue, 20 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 80283
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 164C 12 KB
13 KB 167ms
120ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=120&d=600&e=m8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijp&g=02af62af1b157445a6af26ef207cbc83%2F16198690082562297884&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202asja7a6q0as0cva8wf5eay3kygg4pssy6tm5y5jknv1spz8v1r77b7t66fw4bmkw8njb7sjnrjfmefhq979fg9161z71afj80av3k6xa4ptwjqnbz5f0qcyy132t8xzt1dezvmfwg0kye44wsmxdgfwa6c6kkv4emm37k9981yng5bz7949mg5v7b734aw9dkydsp4pnrqepf1me874sy95w71r0twechk0gb9ynbmqqbkyky4cxd5mqn9sx4bb2xr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiFGMayb2YOKRGI6_gQeqk6awA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OKABwq7o3QPIAQmpAjlSz2UbzLM-qAMBqgTjAU_QeNi0J8k44-Fx9KmOwrCDA_rbd-oocvxKcJ0CNdsbdHPrXN0YlPSfJvEAY4ERhrOSg1VKWT7Pxv8A2qngLc2ndSbxyNJpkv73YuuiyH3TFuj0VVCpsCb1TzYFW6XtEFjOGYOz7U4EEOe-4U7jhtOgPk-BxSSNHidQmZrdJI1brMxK2KxmOW2Tt7pX9mx2K9N8cUM1jG51USeIO8ixTGuPo_ef6VxB2Iay0QESg0h-h3BtneYRSstNZ5LlzSznIQAvSdGKRFPv4aVdxyfvCzqtAssAgwWHgrwu7sj2vLZHnxipgAbOiuqUjOnDgckBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Rwdqk8u6vS4exdsYYTynsQW9bmw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 587b441a510ad04eee3152bb89565fdfc537313ea1022dc15d0cb560c8feaa51

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:08 GMT
Last-Modified: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3F48 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20024be28d3591d0c139ad2fd9ef4b8a32a513c68d4c89136b65bac58c54fe31

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3F48 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 601490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 02:22:18 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3F48 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 560446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 13:46:22 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2203 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:09:05 GMT
expires: Tue, 20 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 80283
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A008 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25c92fa83c9921b72a3b0b7fbc55a4ba6bae3f7f311a1e3ccaf228b8b8ba52d6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 600F 12 KB
13 KB 156ms
110ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 5c43e93ee0999bdb43a81a7c5a591d2211f5e514843912dd29851a18919588a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:08 GMT
Last-Modified: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame F9C3 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 087F 59 KB
60 KB 121ms
41ms Script
application/javascript 13.224.99.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-121.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be028ddbc85d79d86197ceb7996f571178592413b982fa59e79d39fc1938a651

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xn9YIGoVobZ5q1OjPEeywP.HYFK8n8lp
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jul 2021 14:36:57 GMT
server: AmazonS3
age: 68534
etag: "571d76fcc5fac1d79b521c4a9cd8ed59"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 19 Jul 2021 06:24:55 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 60842
x-amz-cf-id: tvO0l7Jax7su4LfKlD3JRGdoVBFGyg4Ja7F_-XsDrE5HVi__bDgKnA==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 087F 79 B
374 B 1295ms
37ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VHW14MJgdf_i.uJtHoqvynx9MsFyxYM914Ve_clrKU.0Y.KI3dmcI_FeAixAxJfy6fwHCSFQ_01kKJA237lY5BSmVjMk.2WJ&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221626744427%22%2C%22%22%2C%22%22%2C%22%22%2C%221634520427%22%2C%22oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=395d548784f3298a4542f757d83bb823&userIP=82.102.19.196&doAffectv=1&wgtime=1626744427
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuidEMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 01:27:09 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 087F 25 KB
26 KB 72ms
26ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__asuidAewCk2o9daW4891FfNJlX_6lgoVwovHpasuid__webplexmedia_advancedad_728x90&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=EMWOiH1Eafjc8dnpKf24ZZm9Ie0NEQs2&g=cf1d6ac7ba2d8dfe8d1da5c7652bb701%2F3245432556028662664&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20yjbyhgwnbbxp0t7k5njy1n7tn320qdba5ask1ed054k0zdzwvaws0tn3y8r8hs32zm2xnm2f7a4k2ytb4jvqq0x5zgs81aw99v9y8rhmpcqxd16e5tmeeysnta3y8ey4ksym5fna1wtxseq6dtb03jfk8qgny68hcaq47s8z5wsnh187zgg3596m282pqe0j9cwpdgyv0zrs8jrpjnpdke3b8n08ck7yt99d8r0njzq1qrqjcwr3qsp8sv7zdpqv926%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC24JKaib2YJywOPexx_AP4oiqoAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI6wkrKNcuzPqgDAaoE6AFP0GjpFnpTJ1ThKf_PIY_BFmRDBHdpuw8TMgJ-0irffgBYrd430XaYYUqFLhOSUTrfL8NIoy1BkAqfFFrSENoj2mZ7N4fLcUaq7sd9qE614tgUY7o1rLR3PkmowJQolnaTw4Qy2IvavHp6UCkbo7wljeybfNZ9W3Vq85NsJOWitgezKGiuPdOpSlPSlIwlF08xd0l2uwWDG93QydSB7j-bMmlURVQhay7WXZyepu0GRhOKQXfmaE6Fp4iJ6i9tYbVBvpmL1Kd9vfqbozawRR7eu_qre7fKGY2rug6HxTxsYkAdPBYz32-mgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0IO698WhmHbeoUU7p3Pjf-aLsMKw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:08 GMT
Last-Modified: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900026.redintelligence.net/ Frame 16A8 7 KB
3 KB 83ms
29ms Document
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/request_content.php?s=79963400008673800951389011661026&a=952262e5
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6b7ff5cab3&subid=&uid=7531a32c07f8b479&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D412338212324070789%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_cid%3Dedb860f6-266b-4501-838d-0334196e152a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGikjayb2YOfoCM21gQfburmQBM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNjU1MDQxMzM2MzYwMjU4OMgBCagDAaoE4wFP0LlPgA8D-r1PwuAn0Te0FFR5SH51QETobPIQefsWVLm-loK2suANU2HPmneLZtL0gtowMiH0thkDibY_SzeKYaq7oyaMB9JRfNWgirMZvGcyMW6qUX1cmj20WLvHpy-wytJyAYu9iI-2bgrQVHJc5pDEFzgRfXivX7AF9VjHe-nnPUxKtRKXIhRyy8hU17MMUY9VWbDzkLMupKLdgrucO1e8sHdJ2uI6a_IyFHLo9LXh8MM6iuT8Ftc716gsLxeURBJvgeRIIS67tY8eiZE-eC_0LEB8xKyGG37UVWHDPOul0oAGyuvp0O6wg6qJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1QWA-MB5b7IWpKEeroWjarFacDwA%2526client%253Dca-pub-6550413363602588%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fja.pays-tarusate.org%2F&ancestorOrigins=https%3A%2F%2Fja.pays-tarusate.org%2Chttps%3A%2F%2Fja.pays-tarusate.org&random=6366811125776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 08305956499a927280152e460fd231b3a54b6543d616004764c29ca5fad2dd01

Request headers

Host: hal900026.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=3c6eeac205cc63de
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 20 Jul 2021 02:27:08 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2287
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame CAB6 89 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=44789400007836600951401011661010&a=95b63d91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 21:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Jul 2022 21:23:04 GMT

GET
H/1.1 200
OK S-300x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame CAB6 95 KB
95 KB 362ms
35ms Image
image/gif 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x600.gif
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=44789400007836600951401011661010&a=95b63d91
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: a24bf435f35ac214cad692735eb2f8a9235101f45c115b1ef1265cc275cf3c50

Request headers

Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:08 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-17bca"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 97226

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5766
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1&google_push=AYg5qPIkkmz8xof2uxYgr1yb7DYYSCZq5NGYaKJJUcOwJiENA8uyUjiJE3z6ca0r1tiXvAJvcCVLSV_XoVG-n6sl8b84lbEoGb5N
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwNDMxODI3NjY4MjIxNTIxMw==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1

43 B
407 B

13ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5766
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH81GGQmkFgq872mr0JeFec&google_cver=1&google_push=AYg5qPJmo7hudvPZLFoWn45SmZRzfglr5awWgwxEklrKMAcCoYveG1N0cF...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJmo7hudvPZLFoWn45SmZRzfglr5awWgwxEklrKMAcCoYveG1N0cFUSkUNPfXf418621Q3eYm9lUll21vjYoV3Mw68VtYBl&google_hm=enayV4...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJmo7hudvPZLFoWn45SmZRzfglr5awWgwxEklrKMAcCoYveG1N0cFUSkUNPfXf418621Q3eYm9lUll21vjYoV3Mw68VtYBl&google_hm=enayV4dehRbkrXsPpxU1pg

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJmo7hudvPZLFoWn45SmZRzfglr5awWgwxEklrKMAcCoYveG1N0cFUSkUNPfXf418621Q3eYm9lUll21vjYoV3Mw68VtYBl&google_hm=enayV4dehRbkrXsPpxU1pg
pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5766 0
191 B 31ms
29ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOIxVO4H6cBvqD5AZphFOdY&google_cver=1&google_push=AYg5qPIDbwLAIp5S-X0TBoB48euEdDlmh09Nj-5On2Z3-FF-ZA4obPox-S_PRmF87UjmsxRTPFDck6AfpgswJ7kk9VJqBdufnIM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=1200&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.05893240074299699
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5766 0
114 B 24ms
22ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHAp3See6yicChVh9BPOQ5Y&google_cver=1&google_push=AYg5qPIMtlTcuePhL_XGpc3Y2zSWbXBtEZT_YQZpo80bLX1E_SOthzZWgSkxMdE-Ji-oRCXb3VWpWYkMVzQwdzCP2IWVXTB79ful
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=1200&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.05893240074299699
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:08 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5766
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECUYmgb8IvJtC6WDkLL6W1g&google_cver=1&google_push=AYg5qPL8T0fAKhq54JkXfwIYb83kOa-zwumz8AUmqfyKuy2x8c7WF3MnM8ybe...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECUYmgb8IvJtC6WDkLL6W1g&google_cver=1&google_push=AYg5qPL8T0fAKhq54JkXfwIYb83kOa-zwumz8AUmqfyKuy2x8c7WF3MnM8ybe...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=CeS5_K1CO6mHIRPMUsnOWg&google_push=AYg5qPL8T0fAKhq54JkXfwIYb83kOa-zwumz8AUmqfyKuy2x8c7WF3MnM8ybeNLki7zI76GpK-HseT40q...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=CeS5_K1CO6mHIRPMUsnOWg&google_push=AYg5qPL8T0fAKhq54JkXfwIYb83kOa-zwumz8AUmqfyKuy2x8c7WF3MnM8ybeNLki7zI76GpK-HseT40qB78UXr57c-_GI_MJEYg

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 20 Jul 2021 01:27:09 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=CeS5_K1CO6mHIRPMUsnOWg&google_push=AYg5qPL8T0fAKhq54JkXfwIYb83kOa-zwumz8AUmqfyKuy2x8c7WF3MnM8ybeNLki7zI76GpK-HseT40qB78UXr57c-_GI_MJEYg
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5766
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPL2xUhNfGvTBd-yj1J99MYApLg3tYGygUQK81bMDWyWYfB1KmN8lEK2iOALq9xmPMOd4DhDv-aLSnWetN3uB4m3...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL2xUhNfGvTBd-yj1J99MYApLg3tYGygUQK81bMDWyWYfB1KmN8lEK2iOALq9xmPMOd4DhDv-aLSnWetN3uB4m3P88divUP&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL2xUhNfGvTBd-yj1J99MYApLg3tYGygUQK81bMDWyWYfB1KmN8lEK2iOALq9xmPMOd4DhDv-aLSnWetN3uB4m3P88divUP&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL2xUhNfGvTBd-yj1J99MYApLg3tYGygUQK81bMDWyWYfB1KmN8lEK2iOALq9xmPMOd4DhDv-aLSnWetN3uB4m3P88divUP&google_hm=ZCGM5EwpQ5CBr2yz4hstig==
date: Tue, 20 Jul 2021 01:27:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5766
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzXvBnIWjKb0877c5NTj_o&google_cver=1&google_push=AYg5qPIkl8Ql8TBIV0uFWXpm3UiTdvm8uB_8ew7zHm-93cGouHBandoOiKD6DHEGRsD7CfT3lfSJCqKQ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPIkl8Ql8TBIV0uFWXpm3UiTdvm8uB_8ew7zHm-93cGouHBandoOiKD6DHEGRsD7CfT3lfSJCq...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPIkl8Ql8TBIV0uFWXpm3UiTdvm8uB_8ew7zHm-93cGouHBandoOiKD6DHEGRsD7CfT3lfSJCqKQ7M-uSp5f1E-U0-RtjjII

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3NDUxNTQwNjM5MzM2MzQ3MQ&google_push=AYg5qPIkl8Ql8TBIV0uFWXpm3UiTdvm8uB_8ew7zHm-93cGouHBandoOiKD6DHEGRsD7CfT3lfSJCqKQ7M-uSp5f1E-U0-RtjjII
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 5766 0
12 B 31ms
31ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhSbaQeyLPQdrde-a2TMULNLVY06vmXs3iQkeztBtp-QzDoRw5Ka4OPhtHTCSFlbBdBeJL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D88 0
0 58ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrHtcXQzxxMxwrdCKF6a3EFOwwiQvkvD8VCaKBqg6M0eWBRsEilqHu0F4G5G0LwQgrqJ56iQq2YoSb_WD54kxvcdbeIbmj0qG0afdJ1MNTFQMI2noe0EP7_cgxYD8XV9gYou6G6Dtb87KttNqiM5zwLf-UrmK2HpbklUwoDwx4xUBpv1vC8tVBWJFCChutDPkqIGIOSm8DfvswmTfT5iXtft_syWINLEyrJrfIw5ScgkLAX0jId9C9wYpjxPZy3WB7Iwzv9Xp7sziMmlWfa58UxB266qTmtF7Io8b9DyDMNEGQRRaN7l28vcxSi4CoEfKcum5Gr6E3Db1dyGE&sig=Cg0ArKJSzFrnH_2gEHUJEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 01:27:08 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9D88 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

075f16f72dad9b971925a81d4e37fd49be63b4c04df8ab576eaee8361aaea2cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8399
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2BE7 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:09:05 GMT
expires: Tue, 20 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 80283
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 33D0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05da4a7ffac20fce3b91774bd42c3213ef046fadb13938b23543f353f5726124

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 164C 59 KB
60 KB 37ms
37ms Script
application/javascript 13.224.99.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-121.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be028ddbc85d79d86197ceb7996f571178592413b982fa59e79d39fc1938a651

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xn9YIGoVobZ5q1OjPEeywP.HYFK8n8lp
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jul 2021 14:36:57 GMT
server: AmazonS3
age: 68534
etag: "571d76fcc5fac1d79b521c4a9cd8ed59"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 19 Jul 2021 06:24:55 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 60842
x-amz-cf-id: yAbAZaFiUhcqXKsbO6rPC6VReYdkcQlfNYzJnliYkEaSDrP4iBwUVg==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 164C 79 B
374 B 4958ms
2028ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VHW14MK8OQ_i.uJtHoqvynx9MsFyxYM914Ve_clrAU.0Y.KI3dmcI_FeAixAxJfy6fwHCSFQ_01kKJA237lY5BSmWjMk.4Yw&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221626744428%22%2C%22%22%2C%22%22%2C%22%22%2C%221634520428%22%2C%22oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=6de8d7a3af257f6d4e41fed22ce09776&userIP=82.102.19.196&doAffectv=1&wgtime=1626744428
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: d1e797c515a409448d82f20dc32e107fdaa19937330cfa859b6233e82cb2312a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 01:27:11 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 164C 25 KB
26 KB 1091ms
27ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__asuidAewCk2o9daW4891FfNJlX_6lgoVwovHpasuid__webplexmedia_advancedad_728x90&wglinkid=3247721
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuidm8_mTwfZ4oq1IwzQ9FO9eoxgxP4Ghijpasuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:09 GMT
Last-Modified: Tue, 20 Jul 2021 01:27:09 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A2C1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
17 B

14ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Jul 2021 01:27:08 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 20-Jul-2021 02:27:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Jul 2021 01:27:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Jul 2021 01:27:08 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame D545 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2203
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1&google_push=AYg5qPJteT55wHWXK9ChP5zCCg7VPDh5ZkAPUOWKmrsORpE0U9zqNvF_pzgDyBNEDhmbYdkE2r6pcS3k3MW1vj6yVmb_VpVIvojU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwNDMxODI3NjY4MjIxNTIxMw==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1

43 B
407 B

13ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2203
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXZzTkRjYnQxTTVFeGw1&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKKfDTWLn5n4GamETXJTNtVKrkQCWAQwdGeivPwbX_...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXZzTkRjYnQxTTVFeGw1&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKKfDTWLn5n4GamETXJTNtVKrkQCWAQwdGeivPwbX_cbNxdVGjmCQbI1l03M9ulgxuPX0CO1oLiOLSYit-nIrsZ3vVRhhjS

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:07 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-00d04c025752e7422@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXZzTkRjYnQxTTVFeGw1&google_gid=CAESEM1UrEvH6XbkulZZLLZK5TQ&google_cver=1&google_push=AYg5qPKKfDTWLn5n4GamETXJTNtVKrkQCWAQwdGeivPwbX_cbNxdVGjmCQbI1l03M9ulgxuPX0CO1oLiOLSYit-nIrsZ3vVRhhjS
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 i.match
a.tribalfusion.com/ Frame 2203 43 B
692 B 169ms
168ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEFEwUYoib-KZ3DX5WhgcwZA&google_cver=1&google_push=AYg5qPIHOypNhiQ2dU3yHUaukEBY5YjlfcRaRgE3bD_tlcp0fqL4eh0NYbVuWZy19fRL1c-x1szaZDuU6VWLmkD7Y2GkYkyqq2Lc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIHOypNhiQ2dU3yHUaukEBY5YjlfcRaRgE3bD_tlcp0fqL4eh0NYbVuWZy19fRL1c-x1szaZDuU6VWLmkD7Y2GkYkyqq2Lc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 671867c5097d1786-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2203 0
114 B 23ms
22ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHAp3See6yicChVh9BPOQ5Y&google_cver=1&google_push=AYg5qPLR6vjeJmhM13P6XozCd1jwIS1AW2xk8npgf-Y9254gPiVitDEtmnq46xrarwIWPpkcsxXMlx2fX6Yv62nOh8qxV4cJud6W
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM%2Fzxm_smrcp&adk=509073777&adf=816031633&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426916&bpp=9&bdt=73&idt=115&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dbf8dc86c61e87393%3AT%3D1626744426%3AS%3DALNI_MYITNzFmS-pMoWKTp7AhGr03yDL0w&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=240353895.1626744427&ga_sid=1626744427&ga_hid=911990120&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1743&biw=1600&bih=1200&isw=300&ish=600&ifk=3146990230&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=2173523008912094&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cmftfad743sq&btvi=1&fsb=1&dtd=133
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:08 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2203
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJc_5yaqQ-567EYkM8PbcMk&google_cver=1&google_push=AYg5qPLkLUjvqg406NI38VKaa0DjiUPQX6Sd-TnABfu9y6PIwT_EjODb_rQlZ_DqpcXce5SwQ5vEGtmVuU1Pcs...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjgxNDExMjkyMzA1NjI3MA%3D%3D&google_push=AYg5qPLkLUjvqg406NI38VKaa0DjiUPQX6Sd-TnABfu9y6PIwT_EjODb_rQlZ_DqpcXce5SwQ5vEGtmVuU1Pcs_qt8...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjgxNDExMjkyMzA1NjI3MA%3D%3D&google_push=AYg5qPLkLUjvqg406NI38VKaa0DjiUPQX6Sd-TnABfu9y6PIwT_EjODb_rQlZ_DqpcXce5SwQ5vEGtmVuU1Pcs_qt8UwqqAZxbL9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjgxNDExMjkyMzA1NjI3MA%3D%3D&google_push=AYg5qPLkLUjvqg406NI38VKaa0DjiUPQX6Sd-TnABfu9y6PIwT_EjODb_rQlZ_DqpcXce5SwQ5vEGtmVuU1Pcs_qt8UwqqAZxbL9
Date: Tue, 20 Jul 2021 01:27:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2203
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPIz7RZz4humFIT74j7e2XIgC3_c4h8e6A4UtBpo-5UiJGCmilduwOOo-VtrXu0H1tV_zi7W9ERRjvVVvqHhstbj...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
https://x.bidswitch.net/sync?dsp_id=119&user_id=1871878971739229148&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIz7RZz4humFIT74j7e2XIgC3_c4h8e6A4UtBpo-5UiJGCmilduwOOo-VtrXu0H1tV_zi7W9ERRjvVVvqHhstbjgJwPuGiV&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIz7RZz4humFIT74j7e2XIgC3_c4h8e6A4UtBpo-5UiJGCmilduwOOo-VtrXu0H1tV_zi7W9ERRjvVVvqHhstbjgJwPuGiV&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIz7RZz4humFIT74j7e2XIgC3_c4h8e6A4UtBpo-5UiJGCmilduwOOo-VtrXu0H1tV_zi7W9ERRjvVVvqHhstbjgJwPuGiV&google_hm=ZCGM5EwpQ5CBr2yz4hstig==
date: Tue, 20 Jul 2021 01:27:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2203
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELSarXGwlH5yb3mA9muI7ZQ&google_cver=1&google_push=AYg5qPLEsn22EiFweBbKKAH9x0bxp1fmG_6xfK-rgm8QDmd9IdazuDyMwKQkHRjW-zo-0zBMoSKOqzs1D3xKeDS2PLbutfY...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLEsn22EiFweBbKKAH9x0bxp1fmG_6xfK-rgm8QDmd9IdazuDyMwKQkHRjW-zo-0zBMoSKOqzs1D3xKeDS2PLbutfYRmsQz&google_hm=NTEzNjM1NDExMTEwNTg4Mz...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLEsn22EiFweBbKKAH9x0bxp1fmG_6xfK-rgm8QDmd9IdazuDyMwKQkHRjW-zo-0zBMoSKOqzs1D3xKeDS2PLbutfYRmsQz&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 01:27:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLEsn22EiFweBbKKAH9x0bxp1fmG_6xfK-rgm8QDmd9IdazuDyMwKQkHRjW-zo-0zBMoSKOqzs1D3xKeDS2PLbutfYRmsQz&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 2203 0
12 B 30ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzmT6njj08r3DZcqn7LUMv0bipTjnly3HTaJjn34BHDuK1mvEoDShBzNjrCpJ4AgOyrNNE

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal900010.redintelligence.net/ Frame CAB6 0
150 B 82ms
28ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/viewability?s=44789400007836600951401011661010&a=c7e83e79&vb=m
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=44789400007836600951401011661010&a=95b63d91
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900010.redintelligence.net/request_content.php?s=44789400007836600951401011661010&a=95b63d91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame CAB6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D88 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:08 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 600F 59 KB
60 KB 37ms
37ms Script
application/javascript 13.224.99.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-121.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be028ddbc85d79d86197ceb7996f571178592413b982fa59e79d39fc1938a651

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xn9YIGoVobZ5q1OjPEeywP.HYFK8n8lp
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jul 2021 14:36:57 GMT
server: AmazonS3
age: 68534
etag: "571d76fcc5fac1d79b521c4a9cd8ed59"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 19 Jul 2021 06:24:55 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 60842
x-amz-cf-id: z6Iwah4bqg2gwrtpsOtLoB4BKzjjSJhIAq55w1sgO9nEplFnqr4BFg==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 600F 79 B
374 B 4959ms
44ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VHW14MKEPLtQVD_DJhCizgzH_y3EjNpmVWN9dPBSmrk.Nk4Jl9Re3tJ9XvjHzK9zWuz3YMJ5tFFg4K1kl1BNlY6RcApw.EV5&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221626744428%22%2C%22%22%2C%22%22%2C%22%22%2C%221634520428%22%2C%22oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=b2f6c19039d10a33e9be7315e75e93be&userIP=82.102.19.196&doAffectv=1&wgtime=1626744428
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__asuiducZJYwRIazWoSvevcqSx-nZA-X2gGUj0asuid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 86dfc858906ec36833fe69f6e9122de2c555b1d7353a8d94ee1ed1f1ce563870

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 01:27:13 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 600F 25 KB
26 KB 1076ms
28ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidY8mhrf3fwBgTGC9HetQt1JWSZtWt4Wxoneid__asuid5D635M9IiE3fTxxIkyiTqBPIDPBxc0ugasuid__webplexmedia_advancedad_728x90&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2C4PGSEfX5CwQRSGH9HdtAtjWrtdtpT1E%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CrJmHQfD9cDbdcAH7HjtJC2zrCwt8T36%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=ucZJYwRIazWoSvevcqSx-nZA-X2gGUj0&g=262097267e0295fe073ac0325b98e786%2F9952475050944966081&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22n0b8534xydfk5fj08122ny5n7f4kw3155zmsynw3a61ych1nkfneyb7r1sqxznfp3swcj881w5pprf27zq1ktqcfq5gpt1he0a5rkny34hq7y948r1k0x1194g3131vp9de2ssm04cygwpt0t49sfnpgzt9g4192g6asv1vvveb2rtdkcwqrpa6dfsgzktqv760r5pg48xms2xxsjd59zysk69wem4ys4kepf6g5g53hre10yb8k4d44qwcesk2aedy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4QL4ayb2YMnKGoDCx_APir6PkASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE6AFP0GIdbbmaMrD90jb_nA38OfF1LRhSezYkbU_gqAC8jM-91ThkWeJzU6cqimsYRRwNjn_OCBT-qNYlfdVV0NP_ErsRC_CbQ-qEwsCwBPDFYIXJAZlF0STaUgWEetShZDsr5oOkJMxSe8SN87vBkMUf5AXi8afj9OpAhjihavnrc9oLpl6yNSt-3V2qHKTJu0MJJz_v0v8FwqNMyAleB8EoFJcejNmQV2A9d-kkly9RLlciWplqLKgeC4DH20eJ8PtaR4M3LS2iq6Au8KwbXhhJJjcEZc64lnMyKOVTm9ukTDtNQHwA3X-xgAaj4ejr-ezk1_cBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1HmfnnVLPSmE5xKzxC11MWWXRLSA%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:27:09 GMT
Last-Modified: Tue, 20 Jul 2021 01:27:09 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 087F 63 B
270 B 371ms
40ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VHW14MJ8HrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea8I_Fb9WJMSuMudMwEMsZPuVr914VecL57GY5BNv_0TjV.3vr
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 16A8 89 KB
32 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=79963400008673800951389011661026&a=952262e5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 23:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Jul 2022 23:07:17 GMT

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 16A8 24 KB
24 KB 851ms
32ms Image
image/gif 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=79963400008673800951389011661026&a=952262e5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

Referer: https://hal900026.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:09 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-5f90"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24464

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A29B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 01:12:56 GMT
expires: Wed, 20 Jul 2022 01:12:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 265D 783 B
531 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63aeed04a890d47d8f405949cf32eadcd4cb6b09b05e21a3e72f254ce0be97ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AV4QfC3iDFGeVouPpdlgmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

expires: Tue, 20 Jul 2021 01:27:08 GMT
date: Tue, 20 Jul 2021 01:27:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AV4QfC3iDFGeVouPpdlgmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 164C 63 B
270 B 4839ms
39ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VHW14MJlKMAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea8I_Fb9WJMSuMudMwEMsZPuVr914VecL57GY5BNv_2TjV.A2E
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4ca4ef3a650de4f758ef65f4e0c5e61ca7f6405c31ea0911c4fed14888242983

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 01:27:13 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2BE7
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1&google_push=AYg5qPJvqT9pJIiukxIFtD4xzvp1KnlDXyBd-I2YS6pT1lTJVnGH36vbIAfk3XvBNyxchV02MIaLVdvtCN_WbswMDSarULNE2c6z
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwNDMxODI3NjY4MjIxNTIxMw==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1

43 B
407 B

13ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBlqs6CY7L_UhqX-aW8iC_4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 i.match
a.tribalfusion.com/ Frame 2BE7 43 B
680 B 173ms
172ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEFEwUYoib-KZ3DX5WhgcwZA&google_cver=1&google_push=AYg5qPIlHljMPGc_EhkErN4c2DI6Z_1GK54DXJIVM8FxC6bQuAxkkfv-qVML9h9o-edrz18bbwbV6--7E7F6EbtoDy3uvlHCfBSY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIlHljMPGc_EhkErN4c2DI6Z_1GK54DXJIVM8FxC6bQuAxkkfv-qVML9h9o-edrz18bbwbV6--7E7F6EbtoDy3uvlHCfBSY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 671867c66a751786-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2BE7 0
191 B 31ms
29ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOIxVO4H6cBvqD5AZphFOdY&google_cver=1&google_push=AYg5qPIK2fxlq7hiMCt3vSEgDpInKUKFXd2gM6_0pzFz2UvMBSPakBzFZAydM2jOxQBtDoxpk2tV81eHU3WDRfxnK-qqbANi5_cY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2BE7
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBPnW8WBz0XrDoA8W3D5O0o&google_cver=1&google_push=AYg5qPIsnYSe0YJi6hirdoAv10xqtjZ6y7DYTqNh0lZQpl-a8MAVlcMQHVY9m6BwxFZitOOYM5wPTnpZGuJKjaQLmSe9...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=68342755-c84b-4d36-b0f7-5564d0aec49e&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIsnYSe0YJi6hirdoAv10xqtjZ6y7DYTqNh0lZQpl-a8MAVlcMQHVY9m6BwxFZitOOYM5wPTnpZGuJKjaQLmSe9yeDcYzM&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIsnYSe0YJi6hirdoAv10xqtjZ6y7DYTqNh0lZQpl-a8MAVlcMQHVY9m6BwxFZitOOYM5wPTnpZGuJKjaQLmSe9yeDcYzM&google_hm=ZCGM5EwpQ5CBr2yz4hstig==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIsnYSe0YJi6hirdoAv10xqtjZ6y7DYTqNh0lZQpl-a8MAVlcMQHVY9m6BwxFZitOOYM5wPTnpZGuJKjaQLmSe9yeDcYzM&google_hm=ZCGM5EwpQ5CBr2yz4hstig==
date: Tue, 20 Jul 2021 01:27:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2BE7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELSarXGwlH5yb3mA9muI7ZQ&google_cver=1&google_push=AYg5qPLzseIeXNnv9Z7u5K77Id5mOD4r4OFBKjiBdO0AbOiJ9YbPAmdAk9jKoMcp4HHRMRpXT8Prhrpk8vmnQkmsI65ivu4...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLzseIeXNnv9Z7u5K77Id5mOD4r4OFBKjiBdO0AbOiJ9YbPAmdAk9jKoMcp4HHRMRpXT8Prhrpk8vmnQkmsI65ivu4gczQ&google_hm=NTEzNjM1NDExMTEwNTg4Mzk...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLzseIeXNnv9Z7u5K77Id5mOD4r4OFBKjiBdO0AbOiJ9YbPAmdAk9jKoMcp4HHRMRpXT8Prhrpk8vmnQkmsI65ivu4gczQ&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 01:27:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLzseIeXNnv9Z7u5K77Id5mOD4r4OFBKjiBdO0AbOiJ9YbPAmdAk9jKoMcp4HHRMRpXT8Prhrpk8vmnQkmsI65ivu4gczQ&google_hm=NTEzNjM1NDExMTEwNTg4Mzk5MA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2BE7
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJl2TMT0Y5HthJPeSZyir9M&google_cver=1&google_push=AYg5qPJOSTgbOz2vF-RgwccoYRFOeL_x2Faru0S--d5g5ue283fAMJvartsK1pcgyO0kgjTOrrAQhDn-mF5XBWU--GWhOQs...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJl2TMT0Y5HthJPeSZyir9M&google_cver=1&google_push=AYg5qPJOSTgbOz2vF-RgwccoYRFOeL_x2Faru0S--d5g5ue283fAMJvartsK1pcgyO0kgjTOrrAQhDn-mF5XBWU--GWhO...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJOSTgbOz2vF-RgwccoYRFOeL_x2Faru0S--d5g5ue283fAMJvartsK1pcgyO0kgjTOrrAQhDn-mF5XBWU--GWhOQsecvD6

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJOSTgbOz2vF-RgwccoYRFOeL_x2Faru0S--d5g5ue283fAMJvartsK1pcgyO0kgjTOrrAQhDn-mF5XBWU--GWhOQsecvD6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJOSTgbOz2vF-RgwccoYRFOeL_x2Faru0S--d5g5ue283fAMJvartsK1pcgyO0kgjTOrrAQhDn-mF5XBWU--GWhOQsecvD6
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 2BE7 0
12 B 31ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOHQlevWdA_Y0kmyDVLNGUapJyYvkH5jpc7EaAoCZSs8o_cGRpdke2oicMWnYZxw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=1079704633&adf=816031635&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=728&url=https%3A%2F%2Fja.pays-tarusate.org%2F812117-what-exactly-is-the-web-EDMGHW&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744426974&bpp=5&bdt=90&idt=141&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3D388204314141f13b%3AT%3D1626744426%3AS%3DALNI_MYGYqxKQIDaM5SiFXqeTaNdWqtY6Q&correlator=8344256082548&frm=23&ife=4&pv=1&ga_vid=66513775.1626744427&ga_sid=1626744427&ga_hid=79708856&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=335&biw=1600&bih=1200&isw=728&ish=90&ifk=2408665925&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=2569293731683073&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j1axy1uscws0&fsb=1&dtd=156

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D72A 0
23 B 45ms
45ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=53401674924345&bg=!cnGlcTXNAAZjFomlYxY7ACkAdvg8Woohk95m2K9oaaEx7b9bogvGRHE7epp5j4onTieY4Q5cvsZXsAIAAAGmUgAAAIhoAQcKAB0iZOAWUL7z_gsAxBmHOpAEtQDH3rDQ9wk-qDaC9JkCpn4qRDdCsxTvGmp1NVEqogAJn1dbvYcs-M8dWPlpSH9eB0_4o06wXc4jzm0Hl8BhuGetDmVPfzI5pzlzpbIR2g5bQyLbxyQhT6QyneNSJNynPXZlKZhPW6iQN47uSf3vPrlohC4BXwURl8cV1Ql4F2v_h_mjn8B7COyQFdLUJx6B-B8UoFu4Sv74HL8tJqsdosp8UmvuN_62WcvE-4nvnjxajEMeJTUZSjPiV2B5GaalK8Nh33L6MbzWwPtxM8Mw4k6hoHm_BjW0JzpDMphSkt2TV9q7TY8WLduDylqo1YIdNsmOV2sq7Y-2LJF6qeX0_VSmVlS6JrhKvbVq7j9a-tZB015dyPf8ArHG50_NkV0gb5v3wrFfJnRBYWtL5cL4SlILyLLqj8pSEM0DuMnOMWVVsjTYeJJ1eEV7wIuC_0XmaZ6oPSdtf4a0PFv_1r92GGjMz71Mzu5NGy7UNytSic3FHbgGkhcxn-dBkuEBg3tODeCbvuusjviJGq3Xc1qYnZYyWZSkUFR3DHv4nvZ4KnSRppmty9MUMzSHFWBVqSycNUkzRjbTXd5n7ZNTr25QjGz_oiYf5BzOipW4HwQ1-kX7Mueoqz3AQZMH9wP3AWP8_NJBQVvhZszckTuSGQwVnaGlqRtYKugdmSEwEHVjSrtyVauMrPWw4nzSaDrMp1Er3pp_qBzxV612JEKzm5ZIyVa8M8Uj_0E-JgwqXOrfNcieG7bVKsdxNpLp2wuPkw7xCGMB7eYYScRgPFz4wq8_XWD-Z5EpTpMN99DVeT0dsdecWSc2Pxlgfpl4pehe-eIZNaFNDyjFBrWnkW8hz1NqCs2A7S_4UvPptOz8ok6Tmr9Nbvr2lMFm7lJHQictBp8fAVqswF9tsZ9jKcAcuX8j6V-NePX-aA

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 600F 63 B
270 B 4791ms
36ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VHW14MJldQ_i.uJtHoqvynx9MsFyxYM914Ve_clrNk.Nk4Jl9Re3tJ9XvjHzK9zWuz3YMJ5tFFg4K1kl1BNlY6RcApw.44z
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4ca4ef3a650de4f758ef65f4e0c5e61ca7f6405c31ea0911c4fed14888242983

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 01:27:13 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK viewability Show response
hal900026.redintelligence.net/ Frame 16A8 0
150 B 334ms
28ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/viewability?s=79963400008673800951389011661026&a=b2a890f3&vb=m
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=79963400008673800951389011661026&a=952262e5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900026.redintelligence.net/request_content.php?s=79963400008673800951389011661026&a=952262e5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:08 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 16A8 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C68 0
0 62ms
61ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvBUNsc1fNx6KSiA8PiVVwm4uq-UtQsFeTqqkghr0pwmCNkD-n3BCnDiY58Dwj_jD8533xAe38768JJVachm9OmgS3oWDdvnDfyczHJ8Hz8ENqHblO5NggLwR5mizbaFFA9Zq1apIv7lefocigGF-JlN64VgEzGQMpYd0acCqXFwP7-nDZXUjWEKPVNH8wY-Myus2HsnpafU5tp87qeIN5VY6xEzsd35yhxYGq0WmQP-ArJGXzTDU8INH4xo1e0_ebELJNW6cTCc2uktvpv4mn0ypXuWHBYAkbRS7sZjlP_Rut9oR6tkN8ftfvvXAKF0eBlBcwF2DAyW8HWts&sig=Cg0ArKJSzG-70KkUWQKeEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 01:27:08 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3C68 11 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e638262e3b21ef3f6bce187d4d84e709f52d311f6de30794cd4e99a4aed4f52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8577
x-xss-protection: 0

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame A29B 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5947 0
23 B 43ms
43ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=1581679106397401&bg=!WFulWx_NAAZjFomlYxY7ACkAdvg8WhOcVb2_W2sPKsj7y-IqMAqE_PtLXpnGNkMZqvVkpsakLI0TxQIAAAGPUgAAACRoAQeZAqCflwSamGLLYvNXpdYnXJEC4iTKRhSTjuPheN74YGA0qjRUo5g95OLm1dAVXyu-f4mnixyEv6pkGubNtxbAlImo_3IGX0-u1JfzyD4s0syvPtKKUsx7FpAW7YavS8nb-drMsqZiUPHgkNJYG5PO_3xQc5WOBkB-vlkbD7dNQL_QqNSVpVSi7qs3w7jNSILK90uLRaN-UewuB2OL7cvoq-qN8gr85JpTCV549AzmFKd0SMdc42UVFnOOeIDByL5kLXjxWIVVYcyiOPr8zWb5YZkZnijPIaKQAFY--NQvvJlmsSodTd6uQcyJkaZ4jDNTnOh3s-gHmBWW_DpLpcAZwdUe5XTln8BAryqslQolyVaIGXbvPcnfLbwnQ_Hq0ckORVt8sfnc5y9ByKUNLAOaZ0ba8cbUzdpmH-bYNjbnD1eFbo4-tZDCNs8TVOG0A3jSPEqn1TA7h_XyeWn4sFppBv5b776zM-_tuoG0V7MLQ-nqH9qFxkPWpD5wcbn4HrJ_xND-IpG8zl9vR9G_d5t5ULyzXue2MjrJqVOf-_O1iHdf8EtwB6HUtgdalHr1pPyi8nGBVT6Ae9fOH-22l0Jm7M2DmJ4qrKyDDfcOM2CBHrmDxGV0REiDGEo9yvqsrl-oQXJgciC6HWnjZ0m5AZ9ihPnHiBqFUbr-7gvW9kT4aUgagtwAaBc7luKBWbjL83PfCKO_MXypRks07z9E65xtJdowYOpRWVYX0Jf2Xc8hyRacJ0z2bbBxN9sP88fXabyWczEwU2vtD61sluNBiMd_A6Q2H5ipauZBpx4xECjFgAMJuwmGMVDS2dqS-BkmP62sqL-cC7X-EF5sI8tsbhe_GUZbhOeTW4iAWXODYphCiZlIm4c4HxwK7OT4-q0YO9zwggA

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C68 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:08 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2345 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstle-rxLDTLtPYzHF3f4rIbM46NvVG7sXvvDWsY3yGAA7g6MknjOTb9_8E4oDkpsqT98ZMRvDIr0T903UtpcBYswsX_gFB4mA&sig=Cg0ArKJSzBB9lOb2s_5qEAE&cid=CAASF-RoL9t20X1R6hjmiA6-yuRv9RSgPRcz&id=lidar2&mcvt=1012&p=0,0,600,120&mtos=0,1012,1012,1012,1012&tos=0,1012,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&app=0&itpl=20&adk=830827601&rs=2&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626744427384&dlt=177&rpt=81&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F5A 0
23 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=2477018438646739&bg=!Hh2lHVnNAAZjFomlYxY7ACkAdvg8WooGnKZfzVXjFXvAUAcF1WFooWlpT_Q5WPFUba4Cw7s_DKIOowIAAAF5UgAAAA9oAQcKAArtYlEB1XU_OOcomQKRGOCOsH4oBqwS1DuCu-yVNaDWZJsnVAPJXtNK1HvwlJP6ITu5qX4EmyeYF6w_FfTNcf5ZyPtpp9XNYe5K3dVPX9Ep0syBXSaw3KCTiS61mwntxQvbfPlFbYr5AZGN9PADDAsFYpim0XBYkxHiI1DJdYFiEt8Nd1GsiHFEiWQ27imMavael8sxuxNAsczy3RRhc1sTgqUS1evZm8TnjMvPru4zmiG46scaRWNhFQjbPcJZwBwkQ3_OERPyqmHIEbydC3ZUknxKNDFNGdI_-qoV8NW19mhgpPZ_iljrHezlciJv4i5T79LCg94VhWOWDo2RRA_qUMLuNCfV5_z491dd_8ToG3Etuy7uNXCse2Z6Bz2-s3BRMc61YWQAf_GsU0XYGdZzD4Bk_edjUJOfBVbav30IS1lAllFhaz_Rk2xQh1t0m4eJB_3xPXHG5ZaOmVC0c7o8fKflwML6Hk37jzJZaAmHCtkjjlDMtuDR9Ho957dcwN_mpLDWaWNK9Eik99PegtxGiwycjApoN9CLDsc7AV3mzietE6Jbrx10i1oB7ZTDaBvSGPGts1hgdrWokCa209UtffKGmz2onvglpKIgUEC8Uy_UzpA05n3-w3nvl678i6ZBb9GskIVyVXCZ45UoFTPMc5d05qQagB2Tlqa1QFyMeRWOiGxZ4VPhSDraepBHEuQD-f9Wz1j6SOBVEodDAGEuFgRujN4s61DXu0Tj-16N4sAKrpD1LlRs4fFA00ALa_aJ_d4XnU6bSZNUFs0D2CPse8LzJx4HIk83A3C9_KZ8jRXJXD1TP7zeuOOastke7kOTH3Lg0J-zO23lfI1ar31-Lk0L5aeH8LjejIW3W2MIh_h-xrhg80AeM6-lQOtk

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E29C 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 01:12:56 GMT
expires: Wed, 20 Jul 2022 01:12:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D5D4 783 B
531 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5d1c000ac61eeba164ea47174dc4db42a43ef14d8957abe6fa211a5fc6c1ddc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nG/tJ6K4GhjvG/d/f4dGvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

expires: Tue, 20 Jul 2021 01:27:08 GMT
date: Tue, 20 Jul 2021 01:27:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nG/tJ6K4GhjvG/d/f4dGvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame E29C 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5947 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQMGAXxdzxODwRQN_5_tSmh81Jwr9oTEUHXtJs81kYUJ6V4TDQ9YGCCBVHep6LGW7bOzBAzkRyviaPorchIBmIDuakfk3wQEO4ScKqTxbGNs05QRsa&sig=Cg0ArKJSzEJoLrZGRuovEAE&id=lidar2&mcvt=1009&p=709,1045,1309,1345&mtos=0,1009,1009,1009,1009&tos=0,1009,0,0,0&v=20210716&bin=7&avms=nio&bs=1600,1200&mc=0.82&app=0&itpl=19&adk=3992931170&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626744427099&rpt=167&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D88 0
23 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=3014344654626943&bg=!MzClMHTNAAZjFomlYxY7ACkAdvg8WrejHO1nFvrTuMdQjQ9prl6DT3cXUM4tgEx7qqFLlJR5g7jIeAIAAACrUgAAACBoAQcKAMVPMFA3stttKpLgbW9-1zXUkvUeak1ySBbIaJlWG6DEaUOpyvCrQl2WLfnMBb-BqFUk7Y-9Sa0hVEYnjd_yFohh1mZI9Wz4v7ZiFTXSDXmea_1uvahyYby7oSu0hrRJqwLjAFbN-EXd1BaTYMD3NV-Kymt2zKmc-MrzBP4K5n4pW6IziwB_IXALWY10y6yrjdOffme0jQd6hfYPr4-7Wx2IdnYM_vZGnFQ7jvZXgYF4pveRXb0f35aUcXc415y7qnKWoXBZqJkCmWBijuuZaS1ITsRfwgdnalVpbYjBg0_xCSJu0k59hCbnKBybMNlEdzXMqLx-gWoWrJOYMOr5TC0TUDqO7ERH7GXDZR74a0g5-oqPTTN0fr8vTilJ5nJ5nPJ3CrDBKVS-VkhIpFKI8lidq8aOWnnJDbL-83TSt3NaPtbZn_PZQEXWIbvXRgS7-G4yV-pQneATbuXJLdV8FLLrd5aqCdqeFP-r_IpGS6MAXRTgjHWzQQsqQZUAG7_g1kTMJYEJCxFYUTq_1iCk6MVx2OXLWNhIPM8H4atuWHx3WyMOc9KxQrInvR1ghPbYlL763xBQpb6VhviZas_opiSHT3DND7IJqjsxgnnNw6nIesV1_EY4036BlYXag_z6zR8nMe7EdCOBlxlOBYnyNMeXYrMZeno6WpQjbd4MsdJ2vk6SG7xF5mZxQF4Cr-Y380U0gt9e1UUvadAZiFraA-PiedLxkGt5TmKIun4_3C07oCpH9lYeMlObGP6kqaHiTwHxhNuoMqcqQz5_mc73tXHYpdwQLH2MCh5EvrRQ9zvM7A-zSM3OtWjQy_jtvYeqTFt7S7ddSFj24oE4ep-J3IecIiJdQN1QBYtpyaB-5ZG7SGD_-wyWneIR3RCZvRny4S5XshFdwJ3DRvWtU32pvmNGJ7NcPiZyboFmKcGtKCs8SgKCTzFtdDwhsqmXlLFjjkAN_ZdtXRxYeDMKwUznCH5Dp7H6PsWW87jMQJAfuo8O9bHv2Ito0vmZrSJo9LpXE6mWVKugV--LYno2GHw7l-uIYqDbwEDm6Moj7LouXW-du3GBHorwZJYf6mqdKie1H_Xwp7AFV3_aBP6gBOpq_kqTjr-VfEnG1MG368MJqxZ7tbtuXiF4PJDUbIYmEhoTy40o

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C68 0
23 B 43ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=2173523008912094&bg=!S0ilSAzNAAZjFomlYxY7ACkAdvg8WuyVjdNXEYdb7Ae6lXgfHnPYA39Hd1kUAcmgu61uhVr_MQtaQQIAAACMUgAAAAtoAQeZAqcwgJ-Uvd3La6jRUqP18GF5Wc90YLdZLrKvp1d7x9YVbQ1YaHlQcHySeshb28Qage25G2JUmGNvk1lSdp6_jfgiqcJ8kESfi7wLmehNoHk6n52MeFX78JZRkZ8OAdgwIMzRmNv1NdYmvTAbemPucD8-jkuWDDxCQOAcSivxB2-iBg47PQx-QprE6KZKbjEs87O_tn5hAgcY03cAmqji9puGlJSRX3SoeO9i3TZIy3tULFEI6kT5Ec9boEwPJRyDCUdlpJtuzIxJ6DUuG3VCRZSIwDnkEKxQ3kCqO6Z_FmwKqOCGiZMQxOCVIZpwvhdVooESg-CkOFb6hTVb_jcF9khAsMdIw8r1jvjdX4f1OXn7q-1iMz93Qi2Sf9rPZeTSwK-LlsJMG20wUlgeQ9ffhZdFngySGltEIMhldv3k_jTkuXkEJPrce3AdpohYSbtfw5oReKuGCp7uBzxbJUJea3L6QQpOhWec5nZEwsZBTsBEFOqkkUs993JUp9V46b77Q-xEoD77Qpb6oiGeY9Bl5_LxbH9HikmwY2yPdnzaeTBpM0lbsuV2GRbmamXvZcwJUUsze_gtt05MW0RS7cO0AeaBWvp2fHadhizvG4Ws0poMrqhAMuZlP2fHB3VElDQnSaqwlHMzIF0B8Op8tyzs-Wi1srCT2ouZ58qFzuHjQ5sG7AJXatqCui-fCrWMlZ94LjcZS8fE1dK-gGnVC47zwhP-XwDjUMk3gbwua5z7bC14SEVgIu35rGnAqc5x6P1sDLb1J5vL4Imghq2kXcWLHv7FvwDwmWLH7fJnI_gsN75-tG0IdDoBl9qrDCAIIek-wiW3aRBnzk8fOy9P_klIqTs1YeQcjgE7D8rC5GZB15SJ9bSMdWNG64WaIwrrby7Abd259REJkzzK

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 087F 16 B
232 B 98ms
97ms Fetch
application/json 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-233-75.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Jul 2021 01:27:09 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 117ms
36ms Preflight 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-233-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Jul 2021 01:27:09 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F48 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspFCRnniJ9jePhvd7aSQREZP_-1m8wnKTKYgJTofyunPMR-1HAE7hAUMybxD3nbsYlSXx6wqF0yuq7EqKnJW1RqfgsXRQdCNlsNnLepir_LU0K8smS3mglV5uRD3r3WHibypj3WLTqNbIDPNoru2Oi&sai=AMfl-YRueIRGv1lGxQFQWAsUDr5J8G8J3iS1_2zSCbeBHs89JRzGisEY29P26QNhfUrMxqaqoqO0lWf9feqFkFanY-hQuHGVmDYFLTk&sig=Cg0ArKJSzHskabLepsiwEAE&cid=CAASF-RovJcpYOT2LFBSEbwNFV_rKmqy9Uqc&id=lidar2&mcvt=1000&p=0,0,90,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3986629809&rs=5&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D88 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdEAl97k19le_0IwZb-wjZPqI9ve1PuA80gKGI1zTkOniw6hxqBDnjbcuOYkNqTA6FPHwDoe4ewdgwFfpJZOKwKWYg_YCWA-oG5wXYU35XOcEUlpL6&sig=Cg0ArKJSzOHGUO2gBpfdEAE&id=lidar2&mcvt=1001&p=1110,0,1200,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210716&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2527774088&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626744426972&rpt=137&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 33D0 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9CjSrKXCrWN8iN5dBa6TEuxfqvN60Gm7-Uce5z1m431QSCNzrYXIqkXyffH5JEI8d4V8U7OtL1QfQ36tx6MHfWOSCxOWEPQ&sig=Cg0ArKJSzAHkeW4XRGLREAE&cid=CAASF-RoRfaksfF2vizINg5PcQU-RglEHgIX&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1079704633&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626744427132&dlt=144&rpt=1209&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3984 0
0 58ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst27L0wrdmvRu4AKHRfj-ZETZsTR4UsiaIJp8enU5vPwdw2zlKT4uf0TRARhfWi55QqhUZaSL_eFw-u0otvbDnKPkAhBgxwz8AO8-NN9Mj2SCrDSOF008369RZbCRBiKoidWZBV_4ODbnBhlEO05nCXcRUJDxXv2dj6ypSnKkVSH0n2VQDJvwTtbhiEojW7v57-eyBfTrJXsae402n9AJK2lrgW6Hf_6xjy_xAF5atPXUjRZGEdfAvBYqdkhAX2iwPf_HcmJeCBGSMRMS4G6dfMe7Afa1ygXT_UfdZ_TfK0CrZ9QLg9LJYmB3B9ZAeifYgBHvzeWNUCNFwlszFhNkgNlkY&sig=Cg0ArKJSzDuYOkfsNUUBEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 01:27:09 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3984 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5650836b98301d81789cc1d4e012605f9516d310cba055ca5aa6d950134b484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8363
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3984 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:09 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BFA2 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 01:12:56 GMT
expires: Wed, 20 Jul 2022 01:12:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F979 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2496141cf66cd27fe40590a7f70619e7ad58745f5d528f6e52d0d178277e033

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-weNuwOm8iyT6qnPlOfUj2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

expires: Tue, 20 Jul 2021 01:27:09 GMT
date: Tue, 20 Jul 2021 01:27:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-weNuwOm8iyT6qnPlOfUj2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame BFA2 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3984 0
24 B 41ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=2569293731683073&bg=!NDelN3PNAAZjFomlYxY7ACkAdvg8Wh-8arNtC9exTSCBNVO2JH4y5xHaAOtXc8GvcUFAyu88lxBHgQIAAABoUgAAAAloAQcKAGrbCGNvgEwwxVk-Q9zayfLI7BMBf8-EVDxUsgdZj81RaOmjMKEfR_YxRa7fWwpiNu_YME9v_QqNDQh6eAIrjjGoWvEIQ6DF3cjNH5GBCCt0RJrxOtEO7cG5n8MYKbkoVTR8pY43207ngSInmQKjSrrA8zpWfKu3O0WFT3gw9q3JLicbosrvHyKtzsjvvcZalcHX4FRnK6SUD4oROKXgaLX3ln-nBffrcn_uaPITB-sPS3tqF69e5s_LZnq7S76iD9vmba3_MhSiMSsF9_mC6CctCm4dwMPzJPv0gxNRG2Q--VULg6J74f6MfznZ6ZHN_2TJn64tUpcsqf5Z-RXJoCeJXGs92bWooaJ1aStGGrqHT5pkeHnbHLZE8qssYxvfKjwp107MJCPGUH-fI9r42YWvyIHxJ1jSNIINwxl-qESswheoSkOpOaiq6kxb2F3PwdzUmy2yblGo3DkzQlQ_waHMkiv2EOQab00_M9xFQP-B8hukLzfC4Up_NG4cKP_SLoK00jQLGiY2BZExEyzgR8g86F6sDG2jH18W3U7mABhyvg6kxVzHPjoXKkUiHIQ9ifX4vNWCaK8W00sajdqfMApo_UBbX94SOAbJt6Fq2KitpRjjZFflePsGTcdnKOctRcgJQJ1sPxKWgx0qba8LZF97NapolEWYcn9KXEEjQHpRBXbca44vfqxUPek4Bil7n64l172IBtBCK_kjmefJa-7dsWQAN_04Vdsj_ZT0dBXBPUx7h16AljkXxKFotN4GibzQks842nDCr5YqI8IscN_6YXk4KDfqrdAi-RxCYRgfbusI5ai62WVXivvWhxfSH9OX3kvvviACdEuNjPiM3PP24ZaByvpP6efFClS6NjvVni2yh00rxr5nDLw4WduayO6WSxEbA0fWSOBVbUvlNqYZPESllcX5_2JqjgW7nx6INtkIyPLgEs-r-wsmYidDlNCFiuSaZQS9k1iX4K5MD-XIXpxEkiul4I4Gv7N4-lskDBVMw1Qh69m1t2gtyIg2QOa3XxrRvO7XGRatl261-yNh

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/812117-what-exactly-is-the-web-EDMGHW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900026.redintelligence.net/ Frame 16A8 0
150 B 84ms
28ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/viewability?s=79963400008673800951389011661026&a=b2a890f3&vb=v
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=79963400008673800951389011661026&a=952262e5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900026.redintelligence.net/request_content.php?s=79963400008673800951389011661026&a=952262e5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:27:09 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3984 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoDJdF-lJMo0fx7ZlkTN-5v8ML_QpYElZsgT2VAVZD1hMcmx2h1Ysnwlk1buGH39gqhfYu8z4bkjyZsGuiLE1f8uoWLqIZjxFy1hkLF-ux204RCDwK&sig=Cg0ArKJSzJpvRcQmBSTlEAE&id=lidar2&mcvt=1000&p=335,241,425,969&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210716&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3523473241&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626744426887&rpt=127&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 600F 16 B
232 B 97ms
97ms Fetch
application/json 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-233-75.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Jul 2021 01:27:13 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 37ms
37ms Preflight 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-233-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Jul 2021 01:27:13 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 164C 16 B
232 B 97ms
97ms Fetch
application/json 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-233-75.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Jul 2021 01:27:13 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 37ms
37ms Preflight 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-233-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Jul 2021 01:27:13 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efd97641920c590ab1932f0b65e555115e2d93e12ce2b2db7994cdeb7223039d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8329
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:27:13 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4E89 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 01:12:56 GMT
expires: Wed, 20 Jul 2022 01:12:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 01FC 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4c067dbc65968c08d7d62b86a29692ef738d22a99b44bd35722b7ddc5caa806

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XC2XvBKh2EA8ftHTJIlSfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

expires: Tue, 20 Jul 2021 01:27:13 GMT
date: Tue, 20 Jul 2021 01:27:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XC2XvBKh2EA8ftHTJIlSfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E89 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
25 B 41ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071501&jk=328225399956990&bg=!NjWlNXHNAAZjFomlYxY7ACkAdvg8Ws5KG6PA_fFeVk-8uuEoTcl4XbS4IFVZIhmNyq6wLJYXOvVzkQIAAABmUgAAAApoAQcKAKNSUGjvvB0p67liRuiQZfKHzMrer_bHA9sW17KIMmGFzH7C6kIgW4LQz99eY_lDXcG2FR4_sjyus-vJLCja8M_etoI6jQxGPzd38m-bNi9HfeBwXmbj1RYT2Pts-CwHl229EmztQCmayECn3Ght6GCZ5FlE3nfJbSGhI3nXJFyM6ViOeUBBr3Y2rI7SU93SB_N-GeWbWJJFiAXjmbijquS0rr9bmQJ_zCIBe4KVdNynx8p1VUOMFQVAndc8axJ4snqpW0RUW-GaVirhDmDZ0FH9x7jqCjcEfVo99N_3zWf6_etOojBA-22alzbIWaDjhkvWsQsGaOuFzbbNP1kviXqlX_bmwBS7doRukJK2mdwf8wcf9usjl2JqJz-ZRZLmr_dhP2_RqzhjcwFzmPQEcPG5yvoBma0mhpn02Ui3sxM4gWziXcAvyQnprc6f8C6l2-aRXPjynoqrZ-SszO-roAHTph0Ospxfnlua0UdrcvLbO0PszwRkDbJKiHdcgkpw6NR2iEzYTk-6mM3bzsDA5HpO4uHL6owB10manMfUi-1dYdK9UHZT3kNdzmclklHFzfArlrjGLpARrttNSeSPy3MqXH6PVkVs13m6xvKl5K5IN2pK7gdNVnZNhNwO9AbTU4Jmf9Is1xVdTb0ini4qjirUcJV926CEJv27wISmDjagUL_baLa2zQH5beIkSHhqqLZtFskyCerbNOLk167QUe1IsO1fW8CwAmD07ATcxbzsQjF9Fu84-r9JtOtXr3F0te2Mwulu0Atg41Txnlot1Jnos1_C_MGW54ptmPkGEJa8yH6vzI7brDNZNtmGfk721esbUav8Vgd2BgN_QRamgYUOTKgl29XpRzgOHH-YASQbNCR3Vo7aANqQiEIfYklFtZD6IOeJy4MAB8oxA9Ab-FL5qFSdbjCip7J9tWJx3JhF600y6cUytD36rAoDILaceSp5slusIKvOlpWFohVCMzActkIeqhI2n_dnqgE6LFX3xgY4XobNp-XAcJykrBjDAWu6tH6BHFZeG7kYwebxJ9gkrq1-Wd4SnlTNutiA6Nec8ptmajaG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:27:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/toad/decfloat-error-in-db2.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/not/not-able-to-delete-text-in-an-excel-cell-closed-2.png

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/plot/how-can-i-change-the-edge-line-color-when-using-the-fill-function-in-mathematica.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/matlab/fresnel-diffraction-in-two-steps-3.png

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/undo/undo-line-ending-changes-in-git.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/0QIgMX1D_JOuO7HeNtxumg.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/0QIvMX1D_JOuMwr7Iw.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 22:02:00	Name: 8lcfmzhxc8d6_uid Value: 3c6eeac205cc63de
.doubleclick.net/	1970-01-20 05:14:00	Name: IDE Value: AHWqTUmRDRJWTZZPl1KGfDtJaGX72X8vvwuDU80rPWftT9mRzmWptK8EokdNuBZB
.doubleclick.net/	1970-01-19 19:52:28	Name: DSID Value: NO_DATA
.youtube.com/	1970-01-20 00:11:36	Name: VISITOR_INFO1_LIVE Value: daEC7uwp5yo
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: NnJCVnJcTZI
.pays-tarusate.org/	1970-01-20 04:38:00	Name: _ym_uid Value: 16267444261058991069
.pays-tarusate.org/	1970-01-20 05:14:00	Name: __gads Value: ID=388204314141f13b-22506b8170c90003:T=1626744427:RT=1626744427:S=ALNI_MZWg6_EG5vw0C_FlZdyti4c6ghSPw
.pays-tarusate.org/	1970-01-20 04:38:00	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdhYzE4NjAtZTEzZS02OThmLWE1MzEtNTYxZDZmNDNjYTAxIiwiY3JlYXRlZCI6IjIwMjEtMDctMjBUMDE6Mjc6MDYuMTg3WiIsInVwZGF0ZWQiOiIyMDIxLTA3LTIwVDAxOjI3OjA2LjE4N1oiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.pays-tarusate.org/	1970-01-20 04:38:00	Name: euconsent-v2 Value: CPJnYAmPJnYAmAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.pays-tarusate.org/	1970-01-19 19:53:36	Name: _ym_isad Value: 2
.pays-tarusate.org/	1970-01-20 04:38:00	Name: _ym_d Value: 1626744426
ja.pays-tarusate.org/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22I01jdSQ3p%22%7D%2C%22C1137286%22%3A%7B%22page%22%3A1%7D%7D

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs(Line 174) Message: Error: Browser is not suitable for subscriptions
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.7
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zx->start full check gdpr
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zx -> DE
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt -> START GDPR
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt->cmp-> onReady
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt native v.1.1
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 336\|280 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 336\|280 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 0\|0 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 0\|0 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 728\|90 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 728\|90 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 728\|90 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 728\|90 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 300\|600 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 300\|600 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html(Line 13) Message: err\|not Hh&Ww\|change default->1200x90
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avct.cloud
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.mgid.com
c1.adform.net
cdn.contentspread.net
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cfcb8050b0ab716449b441b211c6603d.safeframe.googlesyndication.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
counter.yadro.ru
cst.cstwpush.com
d5p.de17a.com
diapi.webgains.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900010.redintelligence.net
hal900026.redintelligence.net
i.ytimg.com
ja.pays-tarusate.org
js.wpushsdk.com
jsc.mgid.com
load02.biz
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
na.nawpush.com
newrrb.bid
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pays-tarusate.org
pixel-sync.sitescout.com
pixel.mathtag.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
s.tribalfusion.com
securepubads.g.doubleclick.net
servicer.mgid.com
static-de.ad4mat.net
static.addtoany.com
static.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
tracking.m6r.eu
um.simpli.fi
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
pays-tarusate.org
104.111.239.217
104.19.136.78
13.224.99.121
13.248.242.197
138.201.63.145
138.201.84.244
142.250.184.226
142.250.186.162
142.250.74.198
143.198.248.64
148.251.139.77
151.101.65.195
159.253.128.183
185.29.133.58
193.0.160.128
2.18.233.201
2001:4de0:ac18::1:a:3a
2001:678:cb4:bbbb::11
205.185.216.42
213.155.156.164
213.174.135.24
2600:1901:0:76b9::
2606:4700:10::6814:b844
2606:4700:10::ac43:2794
2606:4700:20::681a:bd1
2606:4700:3032::ac43:aa7a
2606:4700:3033::ac43:9aca
2606:4700::6812:d05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:813::2003
2a00:1450:4001:813::2016
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a02:6b8::1:119
2a04:4e42:3::485
3.125.99.7
34.240.2.137
34.96.105.8
35.190.0.66
35.210.53.219
37.157.6.253
46.236.13.147
46.4.10.49
52.28.120.199
54.72.233.75
66.155.71.149
72.251.244.142
81.29.72.47
85.114.131.233
85.114.159.118
88.212.201.198
91.210.107.38
0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4
05da4a7ffac20fce3b91774bd42c3213ef046fadb13938b23543f353f5726124
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf
075f16f72dad9b971925a81d4e37fd49be63b4c04df8ab576eaee8361aaea2cd
08305956499a927280152e460fd231b3a54b6543d616004764c29ca5fad2dd01
09e576d471f4e31ce03c407945a63e9c4e3a8055ba4c1f586b1419a73534fd17
0b753b846d0c6ede4871bfd53617c04b0d42d426b739599bfba127fb5cba9f18
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e8e27106c25105778ece4bd58436a094dcd034fc72f7fca03a1511b37076d33
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11995232de4f3d1a0e964186801525fb5d85f20e4e47bc98338648d14520e5e4
14e3cdd51580b866e12a2220c5a394d1e8fd59c13cb98e2538b0cb44611e7e00
15f91bd8c0acb5073982a90f2b66a2cd626a5f4b09ddede8448b81131bd01d17
173649a681fd076c6a1564df9b0a423ea7d401d8e982950feeeb9b0d1ff1f1d7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18af7323671d086a766443ef797dea76e08a212ca73b8b3deae1b534f1409bab
1c64a274f9141db54a4941e38e9bc028094cfdcb691b7acdcd32334633a9eb14
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e1d90836d85ed4726d6bce8ac1844407f5f70d9861f3c58b3d1052443e7f641
1e20c46ec448db624c5a34087e6ef93581cdbd16c7f36973a21b22b997061bd4
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1eb7e4f160f645b4d742bcbc47bc5c9115a8d78fbc04862a3ebcafd4cc0cca00
1f615b1fabd2cf1d98aaf41bdfd08132dffd9fc1dc18ab64405dbb46dd485ead
20024be28d3591d0c139ad2fd9ef4b8a32a513c68d4c89136b65bac58c54fe31
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
214c6d0cfdab6030610d0fd3f36e5efca53998b8dbccd779ca1922f4445ba9d9
254d12de2ddfa131be825d2aa029152e749c2b92230327c20b4c22c6f075d8ed
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25c92fa83c9921b72a3b0b7fbc55a4ba6bae3f7f311a1e3ccaf228b8b8ba52d6
293f545fb50bc98b8db534cdc41ab3825c6316e112a4b59a3718c0d4cf98c871
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
2ce4f43295ac30f1d982a3888930d3a0462c2cdf80354bc10219c6ba7c9543a0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5e95d142f8aac59f9a58ce36d5598a81301dbf5bd8b99f2fbe2bee765b73d4
2e8c68abf340bf0c00255d90741afaf0c379b4f6415b38fe6e7e125886d9ae53
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34c9c13f7373cddd250356f30473709aeae3cdc2d56a5afdeb113b3033c33ea2
353b2e68c0aeefe645d21343a30f43420cf68526a44536b90ffff8d48539a2db
35cced6b7c30562db59f723a5b4953ccf1c6406485e3b1772e717e50ff096b65
3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3e198d9d3c9a82dd010e323b63db78fa00133b029ffdee325714798321be641c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40577c03222b03f1997d4dadf4ac6410e9abc2712affe36689e35bc6415ba51e
40c8faf87627d1a9ce0d8d3f5c8e9dd01feae48ff39753062e010f5314d4f4f5
41747b0d00d50be011fb118fdad7fb9445072002034cb77ee9e5bc800728ae08
437f527e3afbabea46c842051b2962ebda658a36dd52cf0754f9bacd0a39b5b4
4545f44ba1d4ce843af8dba9d9736cce7d0ad2bbc089f835d98af3e6bc4e1e70
45988155d09aa7e564baf5913a246e2c816bd2e9ca860dbb32a2347f4413f816
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
46ac1e08710306d2cbe33f93e5f164b4af097280878d330a0535879173bb353f
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
47f0b36fb66ab2eff5f188a0b9ead47bf78163df69fef45872b809831a6dfbdf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
48f4227c0b44f821305f0cb79b47a5f0e3e7d53c44e0e72d366f5ba2bfeb31af
4a1c4179f503e7a42fac6e2bde3220a18857b775a512c9cd6c03eebc31109332
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4ca4ef3a650de4f758ef65f4e0c5e61ca7f6405c31ea0911c4fed14888242983
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52a143739dec8bde162e97be97a1b7a0994174fb3b5298e81a2cb8db4a96c1da
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557028ee75879f79780bfd235db572bb08cae47f75773aac12782605170f4cd0
5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223
587b441a510ad04eee3152bb89565fdfc537313ea1022dc15d0cb560c8feaa51
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b25e2b855d994b27c158c1106878b933376eb182d238ead5d116086713625e4
5c43e93ee0999bdb43a81a7c5a591d2211f5e514843912dd29851a18919588a2
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5ecb7d95b7bc32a0170f0056f82d4a378026b81a36b7c2c06da6ae8b85ebf07f
63aeed04a890d47d8f405949cf32eadcd4cb6b09b05e21a3e72f254ce0be97ee
642fd9e48076f64b7e1f6e063639642a620bba3ed4c3ab6834f01562eb2644b8
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68d410fdce0b64474896156e1c5238f2a0796f178bb84f58f19e00eead1248f0
6a6ff4eb898d750d8fc88acca033f1b861f597180031ab8d35c76f66ab78af17
6ebf1d07df520dc7604f9ac09f0025dce4ddb486b88a5dbce672e60c4fe79784
705b11939143e6ff022898d07429149eda8cdbf97ef6da908681eadf2f6f0fa3
7089e96f05686093215e5dd945ac9af8f8a6d4ffc29edd0f07ba740100bd795c
7153fd6184c4659b3ad6c50a00b1585ee19c1718626c4f7efcb7014be8f83375
718ab98005b379d798d724e8a0da9876d9a66dc91250401c2462190e3fe23056
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
79aa2ea675fee615ed72d18532ada370afa3486a35a0d3e367c81dbbc679ab4b
7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
7d24f3b29fd510b6529c87284bad7f8f4280e30a3b55bbd45c8d62b7fd5982f7
7f6ec9192f604e9bec7a38f4d2b2ad5e81184c05a5395d131de6c7129f9f1314
814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
844e4b7f3e584f7c1cf0763ed7c67cde6a7aa158c95ca8c62e1b870f11f47ce1
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
86dfc858906ec36833fe69f6e9122de2c555b1d7353a8d94ee1ed1f1ce563870
87ce9f34f4684d5ca1f6260a9202d46b88231ef1bfa7266318c69fdae2032fac
8c632a69b02a2b1439ac89733c8f7c45ca1d9f47f1c4f43b388acd5e5687f232
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f19e57d22d8d09581958d4d3ec39a5379fad9cd9a1bced3ba574212f29e4b0b
8f9bb84637e570ce691770e160844af4301975652065181933d8d6560ea6613a
906272cf05450a1cb628be7e401c7ab9ab0c5fd39abfc48548056c5d22f5db24
9126834120804b4123a5239704a7673e4a9b121611f9446b0767f085d412411e
953fbb986c03c4c97a3d7ddc83c049cb2023f6ac7df4c5a9a4efd8f3770065b0
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
988a50924f595829656cde568a76d7fb47d18b737ab9352f852cb679d885511c
98b9a7b2512dad43e54d0dc283f63b529e7eecb9e3114e402c262a1546cb8fd5
9a342c8a21235b45f1578d15ac7b157b7d46a0217b603ba07561bdffe21a8a14
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9cce0c71fdc40f9301047e0cb73a319ed9d2b738587685e98f2014b7c8ad653e
9cf5a4f6c1554820dd5935c4e63efe45d3a5132be12250e05e3fde7890d17a7a
9d9eec422e06eae0663d89e9302c70fed2ccbdf3b6eef33c7b21d8bc49ce06ad
9eebe232b2c0442dd6d74ad8294f40a7b1e64acc93b5a6b5a3989031f3472f93
9f003a05d8863b30a787ef57d34a16986d4aaa37dfebc6124e9abafa1426050d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0db786a9a0192d9e3651ea58c2d31f09e22a1c1bc1ab80847bf8f27da11e4c9
a24bf435f35ac214cad692735eb2f8a9235101f45c115b1ef1265cc275cf3c50
a33f0dff45ec00a74d89c8c07a2dd118b32b6e09e76f1286a0496fa3f7a50a9e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6c71cc480fa015add91b6d594f55ec0374f8e58c9d4039760b58873f3cea1d5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab3f1887593ac8bd6d2040a5eb64dfab60b455ebf8edbff822fcb53e89969091
ab78dccf0128a9195171c9e27d6457c78b1e9fbadba9a57f9a92f194c7d3d7a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
b599171e55f10f8ffebfa1e2b116d9858ecf71cda0affabe99bd16b651855ae8
b5d1c000ac61eeba164ea47174dc4db42a43ef14d8957abe6fa211a5fc6c1ddc
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b73469b479ef6adebac93a946f8b231ff558fd95338589aa5b8d4f23e67f132f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb9ebfd96ff838aa6df9d085cd8036b2ce20e1e2d463c14fa85c2d4f77f1d959
bce7683eefbbfb282a4d432b75bacee6c6fa09a6f781566c02708acfa3fe8db3
be028ddbc85d79d86197ceb7996f571178592413b982fa59e79d39fc1938a651
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c4ee568d4318cbc9b262c7ad87624df8679037b3a96d95b2d6b77ed59b2e81b4
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbac863d2fb5589d11c75ddf028189eb39d22ec3496440cbbdf2b4ce7fe82d53
cbc7ed4ccaaef1cc74d01c5ec6749336ec98dab62745b9023f3c34e7553ac401
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf4dca73ba7ccf6caf531d557a7c1ff8dbf535364ef1caa224219db3631787af
d0fd3ba289d7cec5ac46a21320519b6e6cdf1d90b05f390c834051ef62c48b49
d11d2bb6c2aeb4bc39a432b96fbe5124f2c15bceede9a9e9417c2561dcc4fef4
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1a5cd3f33906c9b5eb59900607a5adc1df17a891426dabf8f308c9b931d952e
d1e797c515a409448d82f20dc32e107fdaa19937330cfa859b6233e82cb2312a
d2af0d76b7e06d612af0667915d73c075cbf16fc7019482a9a1678c89734b5b8
d7843eb6f53c01e1a367592f612780f02ceea172368acf5266f618e94848247e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d815775f36de7cf811a67054ef9b292cf0b7730c61faba018c5756fda850f136
d8c55e85e13b44ceb83d60ff0fb6a9342f9607da7fc0ed3ba098fad989ad39c3
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbda19c69a7d318eb580f057e09f176224401cd8ffec9abcefc4a9f7399ceb20
dbecc29bf0b52316521292577d50f86832d66c75d8593b120227ccb5baad5cd5
dcf59f03523237d1e644cf0deb8af473436b82c95bee8418af2bbd10c3875800
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dffcdc6ec7173fa1c6f04937fe88cca164a5fdd248448755a8ef4d56f896e664
e2496141cf66cd27fe40590a7f70619e7ad58745f5d528f6e52d0d178277e033
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9940a1698476f6f9aa2a8ca09e88666263154aa86a72bf473947f0f09793b
e4a37ceca755265b121a604484e994dabd38d5061fbf524b7fbff789e7ae5423
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
e638262e3b21ef3f6bce187d4d84e709f52d311f6de30794cd4e99a4aed4f52b
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa
e94cb1eb3592f7427d936ba47da61827462012a43612112edce3186e2d93881d
ea13739a6ab669cc2f16a95685c1ed8c0fa771606e3a217cc2093b91103012df
eaeff6a49c1ef81454d8e2fbcac740d2f7cab5730df455a2ea05357fb425a16e
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd97641920c590ab1932f0b65e555115e2d93e12ce2b2db7994cdeb7223039d
f0fad84ceda4683f8ca06ea72061817ab2491752e28ca03971f7778b03ace8b7
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f447ccc0903fd8acfb81382eb38bef521e9b93ab7effb55f35e1e33f89820eb1
f4c067dbc65968c08d7d62b86a29692ef738d22a99b44bd35722b7ddc5caa806
f554bdb394c0aa643beb1649763d6039621078db3b32a62155c50c5330ee3f7f
f5650836b98301d81789cc1d4e012605f9516d310cba055ca5aa6d950134b484
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
fe84df1716ecd538a3b645272ee8c898a1d459395ba182a483ba0f6e14360e73
fe88fe12cf30ddb03f0747475988dea8bbe375df0f4a7e2d3b1d06e10a621464
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

ja.pays-tarusate.org Open in urlscan Pro 2606:4700:3033::ac43:9aca Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

446 Requests

95 %HTTPS

46 %IPv6

53 Domains

76 Subdomains

54 IPs

9 Countries

7710 kBTransfer

15600 kBSize

12 Cookies

39 Outgoing links

Redirected requests

446 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ja.pays-tarusate.org Open in urlscan Pro
2606:4700:3033::ac43:9aca Public Scan

Screenshot
Live screenshot

Full Image

446
Requests

95 %
HTTPS

46 %
IPv6

53
Domains

76
Subdomains

54
IPs

9
Countries

7710 kB
Transfer

15600 kB
Size

12
Cookies

446 HTTP transactions
13 data transactions