urlscan.io logo urlscan.io
SecurityTrails logo

helopal.club Open in urlscan Pro
2606:4700:3035::6815:5c4b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://helopal.club/
Effective URL: https://helopal.club/
Submission: On December 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 11 countries across 53 domains to perform 298 HTTP transactions. The main IP is 2606:4700:3035::6815:5c4b, located in United States and belongs to CLOUDFLARENET, US. The main domain is helopal.club.
TLS certificate: Issued by GTS CA 1P5 on November 1st 2023. Valid for: 3 months.
This is the only time helopal.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
27 2606:4700:303... 13335 (CLOUDFLAR...)
43 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 51.38.120.206 16276 (OVH)
6 2602:803:c003... 26667 (RUBICONPR...)
3 185.106.140.18 7979 (SERVERS-COM)
6 212.77.99.29 12827 (WIRTUALNA...)
3 145.40.97.67 54825 (PACKET)
3 185.184.8.90 204995 (RTB-HOUSE...)
3 37.157.6.233 198622 (ADFORM)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:244... 16509 (AMAZON-02)
1 65.9.66.104 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
1 54.220.142.223 16509 (AMAZON-02)
2 141.95.98.65 16276 (OVH)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
23 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
6 13 172.217.18.2 15169 (GOOGLE)
1 1 154.59.122.79 174 (COGENT-174)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 35.186.253.211 15169 (GOOGLE)
1 1 79.125.82.191 16509 (AMAZON-02)
1 159.203.145.121 14061 (DIGITALOC...)
1 1 20.127.253.7 8075 (MICROSOFT...)
3 5 104.18.36.155 13335 (CLOUDFLAR...)
2 3 185.89.210.122 29990 (ASN-APPNEX)
2 216.58.212.130 15169 (GOOGLE)
2 142.250.181.230 15169 (GOOGLE)
1 2 52.17.48.145 16509 (AMAZON-02)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2602:803:c003... 26667 (RUBICONPR...)
2 2 193.135.9.129 48314 (IP-PROJECTS)
2 2 89.163.155.32 24961 (MYLOC-AS ...)
3 15.197.193.217 16509 (AMAZON-02)
6 2.19.217.60 16625 (AKAMAI-AS)
4 172.217.16.130 15169 (GOOGLE)
3 69.173.144.138 26667 (RUBICONPR...)
2 2600:9000:244... 16509 (AMAZON-02)
25 3.5.71.60 16509 (AMAZON-02)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
3 212.77.98.32 12827 (WIRTUALNA...)
1 76.223.111.18 16509 (AMAZON-02)
1 1 8.2.110.113 46636 (NATCOWEB)
2 209.192.201.180 7979 (SERVERS-COM)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 23.213.164.238 16625 (AKAMAI-AS)
1 198.47.127.19 3257 (GTT-BACKB...)
1 216.52.2.16 32475 (SINGLEHOP...)
1 69.173.144.165 26667 (RUBICONPR...)
1 37.157.6.254 198622 (ADFORM)
298 71
1    2606:4700:3034::ac43:be40 (United States)

ASN13335 (CLOUDFLARENET, US)
helopal.club
27    2606:4700:3035::6815:5c4b (United States)

ASN13335 (CLOUDFLARENET, US)
helopal.club
cdn.helopal.club
43    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
5    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:225e:9c00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    2606:4700:3035::ac43:8b1d (United States)

ASN13335 (CLOUDFLARENET, US)
fun-dare.com
7    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
9    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:206f:5600:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.optad360.net
4    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
6    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
6    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
6    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
3    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
3    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2447:6400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
4    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
1    54.220.142.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
23    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
6    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
13    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
13    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
1    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    79.125.82.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-82-191.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
5    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum.casalemedia.com
3    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
www.googleadservices.com
2    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
2    52.17.48.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-48-145.eu-west-1.compute.amazonaws.com
ihg.demdex.net
1    2a02:26f0:480:f::213:7ed6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    2602:803:c003:200::67 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
2    193.135.9.129 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
2    89.163.155.32 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm50.as.net
cm.adsafety.net
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
googleads4.g.doubleclick.net
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    2600:9000:2447:9600:7:dde5:8880:93a1 (United States)

ASN16509 (AMAZON-02, US)
joyn.kr-adstudios.com
25    3.5.71.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
1    2606:4700:e4::ac40:a70b (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
3    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wpcdn.pl
std.wpcdn.pl
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    8.2.110.113 (Greenfield, United States)

ASN46636 (NATCOWEB, US)
as.ck-ie.com
2    209.192.201.180 (United States)

ASN7979 (SERVERS-COM, US)
user-sync.adxpremium.services
1    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
1    2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vpaid.vidoomy.com
1    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
Apex Domain
Subdomains		 Transfer
70 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
688 KB
38 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
370 KB
28 helopal.club
helopal.club
cdn.helopal.club
1006 KB
25 amazonaws.com
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
243 KB
18 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10017
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
61 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
308 KB
7 gstatic.com
www.gstatic.com
109 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
383 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
8 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
6 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 8238
1 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
1 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
3 KB
5 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9875
user-sync.adxpremium.services — Cisco Umbrella Rank: 12438
8 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
356 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
firebase.googleapis.com — Cisco Umbrella Rank: 3835
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 525
32 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
42 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
rtb.openx.net — Cisco Umbrella Rank: 695
890 B
4 adform.net
adx.adform.net — Cisco Umbrella Rank: 4544
cm.adform.net — Cisco Umbrella Rank: 1211
3 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7367
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
2 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
22 KB
3 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 8882
104 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
716 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
35 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
769 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
6 KB
2 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2232
vpaid.vidoomy.com — Cisco Umbrella Rank: 2959
19 KB
2 kr-adstudios.com
joyn.kr-adstudios.com — Cisco Umbrella Rank: 792043
174 KB
2 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 21125
3 KB
2 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 30222
1 KB
2 demdex.net
ihg.demdex.net — Cisco Umbrella Rank: 7591
1 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
869 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
25 KB
2 optad360.io
get.optad360.io — Cisco Umbrella Rank: 39286
226 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
277 B
1 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 8046
484 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
140 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 11675
3 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1586
63 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1442
709 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 4454
134 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
598 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
684 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 optad360.net
cdn.optad360.net — Cisco Umbrella Rank: 61231
3 KB
1 fun-dare.com
fun-dare.com
12 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988
10 KB
298 53
Domain Requested by
43 pagead2.googlesyndication.com helopal.club
pagead2.googlesyndication.com
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
25 joyn-creative-hosting.s3-eu-west-1.amazonaws.com joyn.kr-adstudios.com
helopal.club
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
25 helopal.club 1 redirects helopal.club
23 tpc.googlesyndication.com googleads.g.doubleclick.net
www.gstatic.com
helopal.club
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
13 cm.g.doubleclick.net 6 redirects 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
13 s0.2mdn.net helopal.club
s0.2mdn.net
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
9 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
www.googletagservices.com
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
helopal.club
7 www.gstatic.com helopal.club
googleads.g.doubleclick.net
6 eus.rubiconproject.com 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
eus.rubiconproject.com
get.optad360.io
6 www.googletagservices.com googleads.g.doubleclick.net
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
s0.2mdn.net
6 ssp.wp.pl get.optad360.io
6 fastlane.rubiconproject.com get.optad360.io
6 onetag-sys.com get.optad360.io
5 www.googletagmanager.com helopal.club
www.googletagmanager.com
5 cdnjs.cloudflare.com helopal.club
4 googleads4.g.doubleclick.net helopal.club
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 gum.criteo.com 1 redirects static.criteo.net
get.optad360.io
4 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 cdn.jsdelivr.net get.optad360.io
securepubads.g.doubleclick.net
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
3 std.wpcdn.pl ssp.wp.pl
3 token.rubiconproject.com eus.rubiconproject.com
3 match.adsrvr.org googleads.g.doubleclick.net
get.optad360.io
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 adx.adform.net get.optad360.io
3 prebid-eu.creativecdn.com get.optad360.io
3 prebid.a-mo.net get.optad360.io
3 rtb.adxpremium.services get.optad360.io
3 cdn.helopal.club helopal.club
2 user-sync.adxpremium.services adxbid.info
2 joyn.kr-adstudios.com s0.2mdn.net
2 cm.adsafety.net 2 redirects
2 ads.smartstream.tv 2 redirects
2 beacon-ams3.rubiconproject.com helopal.club
2 ihg.demdex.net 1 redirects 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
2 ad.doubleclick.net helopal.club
2 www.googleadservices.com helopal.club
2 www.google.com 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 oajs.openx.net 1 redirects helopal.club
2 id5-sync.com cdn.id5-sync.com
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 firebase.googleapis.com www.gstatic.com
2 script.4dex.io get.optad360.io
script.4dex.io
2 get.optad360.io helopal.club
get.optad360.io
1 cm.adform.net adxbid.info
1 pixel.rubiconproject.com adxbid.info
1 ap.lijit.com adxbid.info
1 image6.pubmatic.com ads.pubmatic.com
1 ads.pubmatic.com adxbid.info
1 vpaid.vidoomy.com vid.vidoomy.com
1 ssum.casalemedia.com 1 redirects
1 vid.vidoomy.com adxbid.info
1 as.ck-ie.com 1 redirects
1 eb2.3lift.com adxbid.info
1 adxbid.info get.optad360.io
1 code.createjs.com s0.2mdn.net
1 sync.inmobi.com 1 redirects
1 cs.chocolateplatform.com 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
1 ads.yieldmo.com 1 redirects
1 rtb.openx.net 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
1 dis.criteo.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 r.turn.com 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com helopal.club
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.optad360.net helopal.club
1 fun-dare.com helopal.club
1 maxcdn.bootstrapcdn.com helopal.club
1 ajax.googleapis.com helopal.club
298 81

This site contains links to these domains. Also see Links.

Domain
en.optad360.com
www.facebook.com
t.me
Subject Issuer Validity Valid
helopal.club
GTS CA 1P5		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.optad360.io
Amazon RSA 2048 M02		 2023-09-17 -
2024-10-15		 a year crt.sh
fun-dare.com
E1		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.optad360.net
Amazon RSA 2048 M02		 2023-06-26 -
2024-07-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
*.wp.pl
RapidSSL TLS RSA CA G1		 2023-03-09 -
2024-03-14		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2023-04-03 -
2024-04-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
www.kr-adstudios.com
Amazon RSA 2048 M01		 2023-02-05 -
2024-03-05		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
adxbid.info
E1		 2023-12-05 -
2024-03-04		 3 months crt.sh
*.wpcdn.pl
RapidSSL TLS RSA CA G1		 2023-05-06 -
2024-05-17		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh

This page contains 41 frames:

Primary Page: https://helopal.club/
Frame ID: 664989D06F47B01D3C4BD7EC4EFFFF81
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: FF09DCC05245EF2E5AFFCAE63B185F7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&adk=1812271804&adf=3025194257&lmt=1702047636&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fhelopal.club%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636613&bpp=3&bdt=335&idt=273&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2867536099469&frm=20&pv=2&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=284
Frame ID: 230F883F1DF546FE8DB47C356C1F062B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Frame ID: 95898427512FA5CAF84C575D49C1A96F
Requests: 2 HTTP requests in this frame

Frame: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A0EBEE171CECFAB0E999C05E5F2B83F2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=helopal.club
Frame ID: EE27CE36CC1E9DB476816E86E0BC914A
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1E08D4D751DC2E816973501A8A84EA88
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: C39F47F49F9CF71533255EEE6DAE0209
Requests: 11 HTTP requests in this frame

Frame: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6DC4B9C9B6E1539A11AA94953E6747A0
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8866463111437598340/index.html
Frame ID: 28C682545702643D0B391E5BBAA835B3
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVI1gTlrPIQNQ4qq8YiK37d6TUTcN3qYpN2sWzQsAjdlpTsqTwzuITj-xpxoAEZnJpVAiAlsydZHteVnOLRXFMZbyt5ewQcf5HtRksZTtuYWmeo7x9chkQCcH9-xM69Lv1XqEkTyOMJcgPQHWCmnO3vZe8GX62tzaXFwlmpKv_i73LNPG44oeLQ2biICuNtYXywwMsOrupS10IorBvqCjtoh9RcRw
Frame ID: 367A75C65BB1BC2628BF17D7D64F481F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0FC38C49149AD0E8FE2D798C5AA36C89
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 46D962FEF2C26772B2CBB5AB9CB53277
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 3A8F9097417E348D31FAC5ABA2E2248E
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/320x50-IHG-EN.html?ev=01_250
Frame ID: 64972ECFF6A5C922D493E85978CAC0E7
Requests: 5 HTTP requests in this frame

Frame: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 31A2342033BBBDFFEABDCBF30B1D9C31
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNV133zMeCJ1J8S64L_mC42wS7jusH2aBTJZd4xFNk8eAsosgQrhshyVxCICH2cHIcJ4iRa6cfG2oC4scuq1vwI8cZifisA4v73Af1EgbOBqnUByU_Y
Frame ID: BADC0E479806D793A6F412E7B9100F6A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: E70105A63D406E347C6798DFF97CFB4F
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Frame ID: F075A2BF37634261E6687431ACD9902A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 07600670ADC8012C7130E9EA6DDEFA65
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12399363937564646419/index.html?e=69&leftOffset=0&topOffset=0&c=ZWTgJur5d9&t=1&renderingType=2&ev=01_250
Frame ID: 4B212D72C91CE9FE4FBEF446F078D5EC
Requests: 24 HTTP requests in this frame

Frame: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 227621A0E1DD9118411F09E6C3867CF1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhi8pLJvMAE&v=APEucNW9PCBZMUTvddgR4Sb6SBWsRtEIYXuBgg7-YQ-X4naK00dAKDA3AyiPMgBnlf5PqtIP6p4CDjuVljU42uC4sILzs-GuRYDpGDugUtx4g4om_vaBJQc
Frame ID: E49957E365ED2ABF77C0738E1F3B6455
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 424E10A22F0684401F5D212E73450BA3
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 59D534796022B01BE15C3B0EC68389C8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Frame ID: EC901698754D787EBB44560344CE77E3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CFC195C33C8970BB1B940F2CD44DE476
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3405547488589800225/index.html?e=69&leftOffset=0&topOffset=0&c=iagmcXql9V&t=1&renderingType=2&ev=01_250
Frame ID: 8F3D172BBFDA16A445EBBD7B0C144D91
Requests: 17 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=74265074314660700000&sn=mc_adapter
Frame ID: A5D893D6EFCC29F1DAF139C88E1F40FC
Requests: 2 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 7E3E5232C37CE8710639B1B45087FCAD
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702047637020&gdpr=0
Frame ID: DCDCA6ED4F9E353BE9524F5CECE0DC89
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702047636914&gdpr=0
Frame ID: 6331D53E09DFCEF0F299733DD91EAB2C
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=74265074314660700000&sn=mc_adapter
Frame ID: BF6B5889CEEEA8B23146DBA57B7681D2
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=74265074314660700000&sn=mc_adapter
Frame ID: 490FD4D1AA204F65319395E7B865447B
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702047636914&gdpr=0
Frame ID: B29912CBEB50EDF24B2C4B724B6AED14
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 7E4B9919BAAF0669DF31E9F8BCE3F3D8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: FC6B8D924F319F48EC5BF3B1E0D111D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8742F2A6C111BB02251858CB8127520
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 515E6847B06C6B52E747CE54ECB3EB19
Requests: 2 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: 49E1DBA9B50883D5B2B5FCA92C26B8BE
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: D48EF2C6817B9F6A80886D12DB4A8101
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Play Friendship Quiz - Helopal.club

Page URL History Show full URLs

  1. http://helopal.club/ HTTP 301
    https://helopal.club/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

298
Requests

94 %
HTTPS

47 %
IPv6

53
Domains

81
Subdomains

71
IPs

11
Countries

4420 kB
Transfer

10632 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://helopal.club/ HTTP 301
    https://helopal.club/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1
Request Chain 107
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=helopal.club&sn=ChromeSyncframe&so=0&topUrl=helopal.club&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=MA6CLHxaQTR4RC9lRWt6SjluVGs1Q2hXWkxMaFdVbUZMUWRHN2EvUVJ1MzNTVXFBN1RkTUQzL2RwbmRFaEN2V3hlRldDUlROSGVzZ3dMWlgwN2Y4S3krVWgwTi9jWUFEVXVmb2o4Wno3NmFmTU5yMDN4Yi9kS0JZMzBYdDl3TXFFSEJ1anZFSC9XNVJncUR0K2lPekNtbHJJRmJ5d0wvN2ZXaDF1QWF4MFNyRzNpQzA3eTdTYU9Qcm5DZkJTcXhFck82U0VIcTRpaXlFWCtXMjdOakVPSyswV01TeWlZb1RsWW9BY3QvQlF6TnVLUThzUHRkWGNrbmhOdXhDQlFQN1BxanBHT0xsSng2bzJRTUxHNXRwRmsvcm94Y1NEVnJSTGdzV1FmVTh2RGx5Qm1yRT18&cppv=2
Request Chain 135
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDZlZDhA3pXqMP0N1p1p4Uc&google_cver=1&google_push=AXcoOmTia-CBq4nU2yhEIwq7Zq0mCxUIYpGPa_eiT9zQjv7szp3WeqDJr1vkH26uemt_3nU1Rkz6In6-tdu7psX8OrlIMQvQT3useQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc5MTExOTQ3NDY2Njc3NDcxMQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDZlZDhA3pXqMP0N1p1p4Uc&google_cver=1
Request Chain 136
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBJ2w9rC19yGH3WR51Jnb-8&google_cver=1&google_push=AXcoOmRBfFppHtCIpxLGMJ8N0J_ucpBIu5lowZy9vWA3y6uYarxy2PWmkud4jUr8K4aCKLTubGlO5aU30XLSgAC1pnpPd7iIWW4Z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862055548164&us_privacy=1---
Request Chain 137
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSfAZr8XX-WFE4KT4AfYKUV7C8dosK545gkxSMoZfmJx5vuc_D0x9g1NCz4i_qtsTJBHQQJyItCRrm_6t_A4kLZIHJW4jDN2A&google_gid=CAESEH1SGG59KDgqYriqvEbmeE8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cMafUhNvb4TX_w_vRfud4fN8KwvK9gjGyvCmcg&google_push=AXcoOmSfAZr8XX-WFE4KT4AfYKUV7C8dosK545gkxSMoZfmJx5vuc_D0x9g1NCz4i_qtsTJBHQQJyItCRrm_6t_A4kLZIHJW4jDN2A
Request Chain 139
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGtWLncXG5nY5ES6hc4zJNQ&google_cver=1&google_push=AXcoOmQNcNFxrapvP1w-QBRDMT95CaRyKnr03uJ8gMZCSWwdcaao-pF0Mn1S5kCxOWHxyeduRo2fqgmfREvdUSyP4x5Ixlk_OuTUsg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQNcNFxrapvP1w-QBRDMT95CaRyKnr03uJ8gMZCSWwdcaao-pF0Mn1S5kCxOWHxyeduRo2fqgmfREvdUSyP4x5Ixlk_OuTUsg&google_hm=M3ptbVZlZWtreGV2Y2tJVHhaUkQ=
Request Chain 141
  • https://sync.inmobi.com/gob?google_gid=CAESEJX9RQf2TzNvhwzBhF_oqlI&google_cver=1&google_push=AXcoOmS5L50uX35lWDbl-yf34HWibsmzwhhx5pqLgxN985fkt01PuGwLaatb3WzwI3dtHFUiOSRfAZeeICULnD80LcjMcazN0CM2itI HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmS5L50uX35lWDbl-yf34HWibsmzwhhx5pqLgxN985fkt01PuGwLaatb3WzwI3dtHFUiOSRfAZeeICULnD80LcjMcazN0CM2itI
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDsui0N56Y2pW9-U5Ys8q-g&google_cver=1
Request Chain 145
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXMvluj9bPEAuhYV6-22OwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDsui0N56Y2pW9-U5Ys8q-g&google_cver=1
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELjzhzduINpfKYtSpLQK-UQ&google_cver=1
Request Chain 147
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEwODEzMjIyMDcyNTQ3Njk3NA%3D%3D
Request Chain 149
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cf0iIlC9zZYL_OfuVjuwP55-1qAa02ty-dNO248jyEcCNtwEQASDJtI5-YJXikIKgB6AB1tva_ALIAQmpAkTJ7AB4LoE-qAMByANIqgTMAU_Q_v3750MIfA5YSGFk74ja2vbkcKaWFmyaNSA0zMNG5TG9J_sWSKIxIkCbLKz_tKv4vaHSkXj7ew-WOL9UipPNccs7L6AG2n0Y51JR5KOXjYfxXCoc04NXS8r1ggfl_pqwSwiH91YzYPQBx-DsnYh5JftZ66rBCn4slY0gF_mJftZUOyq9-2xdfhhni0sZrpkaC74lPAkpy7a-w2xDhCAi6_we5jQTNl4_8zo6Rx2-WColgldNuJBjou_vJPD0vhosPkMQRty-8UD3t8AE8sWBqMgEiAWrr_TVTJIFBAgEGAGSBQQIBRgEoAYugAfJ7OrMA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEODQA9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYnPypxo2AgwOaCRlodHRwczovLzRremdhbWUuY29tL3NoYXJlgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi0xNjk2MTY0MDgxMzU5MjkyGAA&sigh=En_ydZ_LxW4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNuPyJFmPzvl8skr9cizuCsAy5HSVXnh6crZ4oqyQgbe55iZrkrORqwA6JyAjKXFjiGGvDOCa7zKA9KU8OHHomRIzOm1XHVnZzHgkYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224702845543093533744%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225219894138770725905%22}&andc=true
Request Chain 155
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199600097&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=2120323161 HTTP 302
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199600097&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=2120323161
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEHQeBuViFPkjQci_Qzg1LJ0&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEHQeBuViFPkjQci_Qzg1LJ0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=8454f4ab16f81f8613ffb6bcc59494f6&uid=8454f4ab16f81f8613ffb6bcc59494f6&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEBO9UtkU74Sj4Er9iL7laRg&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEBO9UtkU74Sj4Er9iL7laRg&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=8454f4ab16f81f8613ffb6bcc59494f6&uid=8454f4ab16f81f8613ffb6bcc59494f6&data[stv][idt_did_status]=not_changed&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 286
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=bf3ea3f2b7658c08191d6d0a7099669280a8106d5237f2432abedccf9547cbdb
Request Chain 298
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZXMvluj9bPEAuhYV6-22OwAA%263368

298 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
helopal.club/
Redirect Chain
  • http://helopal.club/
  • https://helopal.club/
40 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1756cbf5c9c8c73fae4b374ede874839ec684a28bcea40f43964d05e76a98264

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8325e0fcae0a5d6b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 08 Dec 2023 15:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZvjzbNvL2Ij8WAeWZYTSKHsExohHXjKL0giIGrbLIhPtDW8DYQ%2B8o%2Bnt0R5bq8TB94TwsQpm5%2BQ7NwPbjh0s50NfYccYynAyPhE4kcejdqtMZgkETnArOD9DZT6IyMyrOIFOVxamBY6NMI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent

Redirect headers

CF-RAY
8325e0fc4d4d0b6b-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 08 Dec 2023 15:00:35 GMT
Expires
Fri, 08 Dec 2023 16:00:35 GMT
Location
https://helopal.club/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rkgv8qSiLrSoyWEiGYTZeBAfLWOWuoRGkHqI8UOdMtoMpPvlcDt5m83aWqzRk8nefEzXYjCyrLzMMGBeX%2BeWNWCK780whDN6XtQvPrxKLWj2%2BIGozqjg5LKHsYWIy84QDA7hdZ%2FXv%2Bcx%2BEU%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
771b7eef67686955f8043bb3a8108b34bc56f6cf1e99ef7161848e151c01c907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51813
x-xss-protection
0
server
cafe
etag
2989892200236338478
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:36 GMT
spectre.min.css
helopal.club/stylesheets/ 		42 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helopal.club/stylesheets/spectre.min.css
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb3aa9142a5007f984815fe8383a9d6bca2e369f19496f68025b230b4953584

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Jan 2020 07:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
520
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9u8Mt52GcbWWndMRniEo4uqTZHUXxGCUvOXpi9OZIR60y2qNI6kBeTNP1t26slNFPlDuF71vZ2zjlp3Nw7ufceHzmeJC0uzckfbRfTVPCBzqN8eWAO77EQBEuyeic1c10VGxAySvys6QV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
cf-ray
8325e0fec8245d6b-FRA
alt-svc
h3=":443"; ma=86400
spectre-exp.min.css
helopal.club/stylesheets/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helopal.club/stylesheets/spectre-exp.min.css
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66fea64ce1ae1040340f5762d97a31187aaf1ec2c8a28a532b0c82622c6df3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Jan 2020 07:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
520
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ul4SkA9pojhtbTc%2Fv3QbOxM9KnUwA4I9HUydNqqP%2FbQKwTCPbgz8np1i3IjD3Pkh8ohJZAK%2BFrpz7tkNU7zdgAaU%2ByYJJO%2Fegk4EuC48XpDFkxGmq%2Bx%2BTKECKG%2BZ0gfWDOfSqNfxx5%2FGQ%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
cf-ray
8325e0fec8295d6b-FRA
alt-svc
h3=":443"; ma=86400
spectre-icons.min.css
helopal.club/stylesheets/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helopal.club/stylesheets/spectre-icons.min.css
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f36198740d2dd79a44002dcf7eebe2c43ab6b5c3ffd60b7e71dd31a7c43872b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Jan 2020 07:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
520
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBbbk%2BPf5FUi%2BcJDQjryy%2BDqBBg5IjZoYXkzJcxVMl2pmnMu9q944kk8qaq9ya%2FaCumBor6f4qphTlqKyl9PWdFvtgnf99Tn3PnaD%2FOkfuH8iReIwR3vpQFSCXHlsm6m6%2FiKI3hZGN7M67w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
cf-ray
8325e0fec82a5d6b-FRA
alt-svc
h3=":443"; ma=86400
style.css
helopal.club/stylesheets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helopal.club/stylesheets/style.css
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0c71bee455ba91e5aa859abf3961d7e57c1c00cb85def124dfa1d8f53069d47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 19 Jan 2020 07:26:14 GMT
server
cloudflare
age
520
cf-polished
origSize=4926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHVH2ZtoOCQINfLkuT2aut0Y1SMENbZ1%2FjkBGJzcsetdHq5LGWmkzNBdO37FF5dhjHxB%2BWZ3wheOKPUWfTtRnWhNPm9SAeVjRjp6I%2FBM2r524wIkqZaE8%2FYNkdXojOcuHbX5CVKAy4T2gqs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
cf-ray
8325e0fec82c5d6b-FRA
alt-svc
h3=":443"; ma=86400
main.css
helopal.club/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helopal.club/stylesheets/main.css
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec50c9a8d51925986413f726c63b107ff51502b5f44e49f54807c6d3427757ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 19 Jan 2020 07:26:14 GMT
server
cloudflare
age
520
cf-polished
origSize=10580
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P08pflRa5MN6Y8kodlR6of7SE8wC6uBc68TE7MfaOMjCuwqKwO9%2BbRG1A%2B6Owkml%2Fa4h7NkzS9gBWQUfOQ0Y574EJA%2B4HSvSOjcGAyn60xmz%2ByYtRP7pkV%2FwolykAKkgIAlxF%2BA9lkNE%2BnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
cf-ray
8325e0fec82e5d6b-FRA
alt-svc
h3=":443"; ma=86400
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://helopal.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
732715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18778
last-modified
Wed, 02 Aug 2023 21:01:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64cac444-495a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zokzArVQFVfYz91dr6iEA7KPzvRD4%2F7cRQzJBmiA2zo6IoU8N6WMA0NcVD78apxHxm59uJ44Jp2WlmcYyeIHmavZyk7fR3rWY1bD1qVaKbBizv%2FMcpTXaYS49a4KV6C3%2BcFRmHzpC4c1sf%2B3JPPkEt1S"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8325e0feed3b2c5b-FRA
expires
Wed, 27 Nov 2024 15:00:36 GMT
bootstrap.min.css
helopal.club/stylesheets/ 		139 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helopal.club/stylesheets/bootstrap.min.css
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9fa1b78af612f835e36c2b7e759d15aa574851f2fb7dd556542af5c4ae2d4ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Jan 2020 07:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
520
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=810BedWHMOiWT16nuaa0lGpyraal1qmjRX7dQDqb1AStCHHTTffbUWoCYJ3%2BWUvZae4JC0F02IXHp8Gezwtcqtg42sV8J%2BiPfzkvNJy2fOpuaJ%2BgcSopmTcI14OGoJWhgfVQoWUCJdHbFho%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
cf-ray
8325e0fec82f5d6b-FRA
alt-svc
h3=":443"; ma=86400
jquery-confirm.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ 		22 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9809a9d6fe844649e678fda81d91b9dd6d4bfb339d495b0cdb95af999e14f9f5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2464206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2884
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-580a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5W7LPXWGWtzW7YAEKz5NZbTLZ5J3kRUbxodWoLcY3hPQs0vWlSEsuWYTOJzCGiKfxftuEe8Jbl9JNRelUGogATqaZMcZldn2MQDLt3cAVAKS3FCm0fy39Lj51mtlu4geo5%2FQxakdWig7ni7QpdIDtl8"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8325e0fee8fd3732-FRA
expires
Wed, 27 Nov 2024 15:00:36 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
646458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vDX2Wxi3toDHDKzyI2xZB%2BjE47E3ivbVWFNzAbCwf6O%2FEOwgFLqdNQe%2BE759jj31O9yZEUaYxTLj%2FptH08Cwopv0COLom7HLiGX9jlvYYvpSWBBdFCLSUytcrGii983lPqf1JpdEclMN4%2F2V513cfcu"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8325e0fee8ff3732-FRA
expires
Wed, 27 Nov 2024 15:00:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 10:27:05 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
734027
cdn-cachedat
2021-06-01 19:39:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
cc9c4f0d341b28a2bf97da1ba3da67e8
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
8325e0feed192bf6-FRA
cdn-requestpullsuccess
True
jquery-confirm.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
646435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6362
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-6cf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKswaAl75EiGthfLzwStaxhTlkUPHS31fMADjBdj4MDFqjcK7htMXHeS0mU0bzylmju0gtdBoymCW2uYJvtsIFxLB4OiUyBB0UyfTOjYYX1QlXP2vlA9c%2FqKqIZQU%2Be8wuRJdRVDBE2kkTL6tu4tTlZH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8325e0fee9003732-FRA
expires
Wed, 27 Nov 2024 15:00:36 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-176069477-1
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0efc15ac0c027f6c4feecf95451c592e741b22763508b1c7d448e5bd8d8344b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51667
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 15:00:36 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-136873609-1
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81717b95277e92e6964745acdb1d0f0ea4a4dcaf43ca16844cf79626c7c4fece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69021
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 15:00:36 GMT
1623528814.helopal-club.png
helopal.club/site_logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/site_logo/1623528814.helopal-club.png
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcfeb4b89a5cda13c5da8db61507eea441ddd4d4cb1e5a84f91d456cea251b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Sat, 12 Jun 2021 20:13:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
912
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRJnZCkvyNH74QOKJZpvHBE%2FhzOPCKbWywyjO%2Fna7Blg%2FJPD8ncPqqYQTUWGZ4OrzGvWovbPftKwYpg6CJhxScqFWgOCoVjfOnisW%2FFVf%2FQKjhDNROVGhn1sdHUzK8Jy8fQd0H6jqwyMVLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e0fec8305d6b-FRA
alt-svc
h3=":443"; ma=86400
content-length
3997
6223117-1698472173-2459ff2e-2d36-404b-96da-3318b059eb57.jpg
cdn.helopal.club/images/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.helopal.club/images/6223117-1698472173-2459ff2e-2d36-404b-96da-3318b059eb57.jpg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624d8f4d58fc9c2ca59102e1c8d4100707b342db19f53d856d2dcb8d484f1094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
x-amz-version-id
tMsOHu8UD7aCLWGGF9bcrmgEXw9557Fc
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA6-C1
age
3850
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
151231
last-modified
Sat, 28 Oct 2023 05:49:36 GMT
server
cloudflare
etag
"d693217e06be6fb2dcd4f6dc23cdd6c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fklDbIeYDmmqdD4ARdNhz0pGnkgxy6zMMdKMEn0bl9cZ17k0vvNf%2FmxXn7t2kvnsv8AROqhA%2Bbx%2BikvPMrtojHPwcmha5L2CmUA%2BO9IWNdHOkI5FT%2F%2BBuJTCUgporJ8tSBy7AROMoI%2BlHhrLRqOP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e0ff08705d6b-FRA
x-amz-cf-id
2NzAPczcOpxhEF6ivZd9zIDkO-gn9Uyc2oNF2lvQ2b2YwsEJQV1KXg==
best-friend-award-2-1642431865-1044d2c3-1e81-4852-8bff-352dcfa83551.png
cdn.helopal.club/images/ 		309 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.helopal.club/images/best-friend-award-2-1642431865-1044d2c3-1e81-4852-8bff-352dcfa83551.png
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bcc32a5bd2678766a21faf6b68941eaf9fe1fc9c7168a091af3ef81c1738f50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
x-amz-version-id
do0YZFwpRk6lhbsdaAM2LzzfRn2srhZs
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P3
age
5493
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
316686
last-modified
Mon, 17 Jan 2022 15:04:26 GMT
server
cloudflare
etag
"98213a542d36a029931ddfc74bee83be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYX3zHRNik9jRWTGM89EWdydVYQ7oZKDUSeKa5j6hCfzPajYy71fDojvsG%2Fri2tRh%2BRqhR3j9QftrdZOemSttC1DtvBoFmkXVwkA6cwH14RzgQhkO85ohI1lrdytHYlcTY76A0EDY0HLiKsQ%2FHUU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e0ff08715d6b-FRA
x-amz-cf-id
bMaHv5lAqIdKB5K3zBMba3Xh24gFrmtukFz4hIeoBsV2Ln2nem0U9A==
1623667520.how-many-friends-love-and-hate-you-small.jpg
helopal.club/quiz_banner/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/quiz_banner/1623667520.how-many-friends-love-and-hate-you-small.jpg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13aa444747a569e25f79d16b3870a9715735f0bfb98e395447f1dbc979c78be0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Jun 2021 10:45:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7131
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fW6FrEN%2FetF0uz0FcOs4l6eJrTTuFN0ISUAC6H5BHdsFSwYhsfX0rs1XzY4lvnNBhm5xr%2BSPzMAlXA0fN6XjbwUyb3b9MCtC16J9K6AopsGp6WLTEV6V2BIztmEsCpFWX1T%2Fl6iBqXmKpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e0ff3e5c921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
21785
1622809937.b.jpg
helopal.club/quiz_banner/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/quiz_banner/1622809937.b.jpg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387fa76a18c1e2dcc5db9d10f530ac9c419faa94becd7bedafaf8d05521c32c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Jun 2021 12:32:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4066
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pGYAbZfZkVqd5X%2BaJxpzhQZo5KFnY%2FLr10FEQsMmhXUU9pBgbF3UKUcrBZ2g7SK6nQSDrqgZQT99jEFEsFZPdiPGBd9wRERdjM0ntp11ToCUGBdrS7nAMD9Mrz0bd1PY7gEG6niyu6qD0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e0ff4e63921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
17439
1622810191.e.jpg
helopal.club/quiz_banner/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/quiz_banner/1622810191.e.jpg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab4a49144b0899c87c607eba0952310f2790e06bf4cd6ba025fa8f4dea93052

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Jun 2021 12:36:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3607
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iBXQn49QsMMSxLKqF4nJW%2Bsdh%2BoRcZLV6u%2B4THqDFq127vd52OZCfZPEc%2FAWdCTelm2%2BRv8a5Jt7MP%2BQqy64Grp7Azoyt5WrQ6zULt1H2b9i5PenqcgbdRUuQA%2B1GUxOK7lBNnQIx0EehA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e1005f44921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
16244
1622809962.a.jpg
helopal.club/quiz_banner/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/quiz_banner/1622809962.a.jpg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73060bc634e7d84fa78d9e5b0b0d188c9e0e84dce0172f8042bba2b180886099

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Jun 2021 12:32:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3607
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKW7U7iQDlmMoyLydtL97hcbC1ziPEyX5ugcx7qU1DzK8nQYdDP95QQZrVMIVK7lAqsqUDRVbexEbQsNvFEAUUe4TqD4KYUjmB%2FL5pYA6vLe1EIDGXOJ%2B9V00L1eDdP%2BPyGNB4c0%2FwS6Fls%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e1005f49921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
15893
1622809982.f.jpg
helopal.club/quiz_banner/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/quiz_banner/1622809982.f.jpg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7a44b79476282023aa69f375fb648558a8913635c9350fdcca4ef79a876d70b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Jun 2021 12:33:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3607
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZQ3Zodew3tDT3XCfvF%2FwJnpENm2n5vRBlukKuSjq8vc7ecU6x7ipW8gxMFFeRma435jpWbjLr50k7q4YkOrcQlGjY2xrxkyXRXWagFfa7KLUpUVKHB1O0CqoExyeDq2Wmej5Wg8xUduArM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e1005f4b921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
24808
1622810009.g.jpg
helopal.club/quiz_banner/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/quiz_banner/1622810009.g.jpg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e01a0575080f66e28f68c7d43dd12195d569a2172bdf786643945e3589b055b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Jun 2021 12:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3607
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e5X48RP%2BSvMi9dH0rcFyUXUcsUBfYuzBpS98mAQfMHfJy6pQx8dqJ%2B%2Fjuno94E3unLV%2BhqsUs8FZjRrma6zu3lW5XWn8mMUpaYz6y92gc0g6fqpHqipdw5gT%2F2KgR80wparktjRrEgchgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e1005f4c921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
15020
1623160044.true-friends.png
helopal.club/quiz_banner/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/quiz_banner/1623160044.true-friends.png
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72035cff2a2b4aa0eee6fa22c60e429cd23e12a43f811edce39f999134dfdb08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Jun 2021 13:47:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3607
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YOJRkfahUgEkLDjUa7gOSSifJbSDZxq4F47mMBPdn1VKVG%2F2Mag%2BMPgAlzwPc6woNu2RaqUp00LLWDKt%2FsJubNVoqG5E6GzCoI6difK%2F5pcFyG2HXVzp8KIBp8iaSQPf4DyAb2cEJeZmjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e1005f4d921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
62964
anonym-eng-1694244024-fbd92fcf-4241-402f-95a4-c12a2e3f87bc.png
cdn.helopal.club/images/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.helopal.club/images/anonym-eng-1694244024-fbd92fcf-4241-402f-95a4-c12a2e3f87bc.png
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29aaec486617fb3efbf0d98e6034ad1a8eb5d82734e2aed02ab7de37fc1be9d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
x-amz-version-id
ANqBqgXEubcEvtJobs1s5IhOiWNekHxs
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA6-C1
age
1483
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
56105
last-modified
Sat, 09 Sep 2023 07:20:26 GMT
server
cloudflare
etag
"d7b230fd17d40c7746570ed5cc95a5a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JMwoFZjLOzIVLEQ8ZULdENBWL9yQTMjACjDfmF0xjle9g7CnIzOX8uHWAzqfqCLPuvifcHyG2DI6ZwrdfvGOeWiroIMEHiuQOudoV9xoLnYT37q6Z7c7U5ZhOl4qobjh8x4uQlJqmL8Z2Zw6DyV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e1005f4e921d-FRA
x-amz-cf-id
vyWMkNInlmdmYph-G9SecLtfEjDtDb1hPEfzj-5hwXGE0H8MQQd5Tg==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1696164081359292
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c3bff7fc96098aa0123372edbb1a284bef7a2adbac8aa75cbce908c681035e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Origin
https://helopal.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52117
x-xss-protection
0
server
cafe
etag
13483751313933604936
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:36 GMT
facebook.png
helopal.club/ 		580 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/facebook.png
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6079a677b4ff727c225559facad29c7a945d060fa5cd637ac76b4ee55d21f471

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Jan 2020 07:26:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3782
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mOdoCQm6FREmRma%2Bpzo5KqFC06gicdq6%2BK5fbt1hDoCeZgkroQzbztqWiYuuOjF70rJ3sTZXo4jnbKS1%2BP32RMntsrkFZPqPUwJX6Lqd%2FdBap1CA6JirMwSM2CYEIihPLdqtXaa3pYJp6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e1005f4f921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
580
join-us-in-telegram.jpg
helopal.club/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helopal.club/img/join-us-in-telegram.jpg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce766614a0ce7850d90a574b9919975a0f77949da3c33f850b41852a774cd33f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 12:20:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1684
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seTM9Wek%2BTH99p%2BJuj5tWjiMh3NL8PnCvjR%2BOpcFbMKX2t91N2cP4z9tAopIEu1vv0MqdEyt%2FDlV4aG8Pb9w%2Fn4Ds43YW0ZQxW4T5KceQMMjvSose5NzrKVlQFHVACDKQNWRv1CLUJwdO3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8325e1005f51921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
9799
clipboard.min.js
helopal.club/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helopal.club/clipboard.min.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Jan 2020 07:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
814
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ni%2FIlNBbGAm3%2F7vkGimpcdVLOaYHDCxut626X8be5t8XN81Dw4SytuPcmblzvY6TBPEzODFp%2Fqk7xz%2BCEuo0VfkZIq4nFXgLOMylvf%2FcQTzCZCUoUI5Fr2Gz07u1FQEYME8rYvrAPFc7ELM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
cf-ray
8325e0ff6e91921d-FRA
alt-svc
h3=":443"; ma=86400
howler.min.js
cdnjs.cloudflare.com/ajax/libs/howler/2.2.1/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/howler/2.2.1/howler.min.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a620b02e2a8b2f28d34ee63509828125c4992f021adcf05e2eabcf23ff6621
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://helopal.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
898151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8506
last-modified
Sun, 25 Oct 2020 15:34:29 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f959b05-8bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gVLxCqXWLwT8lQj7j2sf1UvkE8Tipk0l%2FuE0Pp0EpMDvjaXUEbAJEi0N%2FVSRjIO9fndceiPoQudTQ5WBbBaE6RWAAPCf5C1rrUtVO58wRBqwTv5%2BDigHdfDgDbNGYri1xNWAPuzUGwwxXeefaV73j2f"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8325e0ff6e3a2c5b-FRA
expires
Wed, 27 Nov 2024 15:00:36 GMT
plugin.min.js
get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/ 		281 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/plugin.min.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
537f6db0f95c63ad512ca91bd59f5830606833eab46551d697a40833fd41c0a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:48:17 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 11:48:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
740
etag
W/"ea1b51f09e0895766e6b6fac6985478c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
vHQZ_eWjE1vjvItiStIOCm8XeucmJOsfo1fTXpDWn5o8tHBLqKc1yg==
qbg.png
fun-dare.com/site_logo/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fun-dare.com/site_logo/qbg.png
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8b1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fdd68fb302111aa20d2544c139144e3e43ff45e7f46af9ecd6005dcbb1f24f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:04:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3412
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Wb96uir4vm8gbzoFt76h7caPwR8qMvwdiCSI8PykrCcPiOoFCvbvdQKUZ3WqdMAoGPVVaU3A86H%2FwiasBexbmMiivH0ptPfR5n2LfEyRT7miGHhdvxJONG%2BaP6f87MzOa5bY%2BxQGq5d%2BAo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8325e100a939383e-FRA
alt-svc
h3=":443"; ma=86400
content-length
11290
correct.mp3
helopal.club/sounds/ 		16 KB
16 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://helopal.club/sounds/correct.mp3
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b36ccb3fa489753610fcbf8f4cfe4021cd1ee7b6159d8a17eabaa92b3e3d8094

Request headers

Referer
https://helopal.club/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Sat, 05 Jun 2021 10:38:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3794
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f07n8ECI8p0u%2BG%2BprGvOcPF4aLDfc9nhsD3IYFxu9BXVpREoJopBfs8eukhXnWAIe826j279lpWrRDj1uOmQE89IIKev%2BpT0CHBgjpEaQwm%2BWsj67mAXDWNwVALVOzxJAZHQierOBdnB4J8%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-15124/15125
cache-control
max-age=432000
cf-ray
8325e1009f72921d-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
15125
wrong.mp3
helopal.club/sounds/ 		79 KB
79 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://helopal.club/sounds/wrong.mp3
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab452cf9898bd79f2252623197fa5c45f5c64dd82a203b7259235e6e4f8965f

Request headers

Referer
https://helopal.club/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Sat, 05 Jun 2021 10:38:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3794
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yhSrJOKFCBdT9nq9Eivp%2BBh0u%2F58yzYWADC5Yd2h9EeJrEI%2FTGZ84PqZIhuIoRNeCW601FC%2BNXA6nE7JoxTiMQs4Swm%2BxPrjnmaNCOyUrr4fnhAyPqmra9yDH9E%2B%2BEiPtrSD2ELOKLlD20%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
max-age=432000
cf-ray
8325e1009f76921d-FRA
alt-svc
h3=":443"; ma=86400
proceed.mp3
helopal.club/sounds/ 		26 KB
26 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://helopal.club/sounds/proceed.mp3
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8409dcad2e8d36ca28ef173376dee1e565758442050715742bfdbb08c92cad

Request headers

Referer
https://helopal.club/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Sat, 05 Jun 2021 10:38:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3794
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1McleVuUhgwPg2NubM%2FXJOUaw8WN6xtfYT0%2FHEYN%2FQntQV2cvtA2%2Fo%2B8rLLI5rncePunTEZKnRQdddOpXiURRKcUH1zFyKATjL%2BEM6XFxadJ8hdEclqdD0RHQcrC96FawThCqP6MUmJSWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-23798/23799
cache-control
max-age=432000
cf-ray
8325e1009f77921d-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
23799
error.mp3
helopal.club/sounds/ 		20 KB
21 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://helopal.club/sounds/error.mp3
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c82d2c77388cab6da0584fcd1539d002ad095de31d9f80937aae0ca6cb15af

Request headers

Referer
https://helopal.club/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Sat, 05 Jun 2021 10:38:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3794
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIrPJlUcLuoyX7SySXarjzaBYGyN%2FLq3ywLOmYvZpsEngWr3A%2Bi0OtVYbDP%2BzhOI8uMHkyQ1aILax5yypS4PyMvXwXGYizP5bpRR%2F%2FYK4ZX4kSH1KG7TwSgC%2FDKwBGGg7XWO3%2BDSJNoAi8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-18978/18979
cache-control
max-age=432000
cf-ray
8325e1009f78921d-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
18979
skip.mp3
helopal.club/sounds/ 		79 KB
79 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://helopal.club/sounds/skip.mp3
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab452cf9898bd79f2252623197fa5c45f5c64dd82a203b7259235e6e4f8965f

Request headers

Referer
https://helopal.club/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Sat, 05 Jun 2021 10:38:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3794
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGvweBIVy1WrdqfuyzofNdh8bHV4nHKLpcE744uk55IFmPQC9p943svi%2B5lp8h28iE8qiG728svCBKLUR0xPW0IMY7awuBemkri5xulw8MBp4CGWN%2BVWSQ2p7BHaPQjmwpdyiP%2BxD6AIOOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
max-age=432000
cf-ray
8325e1009f7a921d-FRA
alt-svc
h3=":443"; ma=86400
delete.mp3
helopal.club/sounds/ 		26 KB
26 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://helopal.club/sounds/delete.mp3
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd8b93147a25b894ae2f92584a545693838c3f910eab31999b22d50bca4aa6d

Request headers

Referer
https://helopal.club/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
cf-cache-status
HIT
last-modified
Sat, 05 Jun 2021 10:38:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3794
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHvPBobBgfiPuVnqUYw5GW0X8YgAJ%2FkuBtdVQ937hImkirNsIgS5qgRdiNDsSH%2FsnP401FFNuvvT3eAaacdZcNzUND7Ykx7BhWcFuExeKk8CF6kF8Ogo2gSI7BFIsiTwZIIb%2FCtH4%2BeiLfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-24191/24192
cache-control
max-age=432000
cf-ray
8325e1009f7b921d-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
24192
firebase-app.js
www.gstatic.com/firebasejs/9.9.1/ 		86 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.9.1/firebase-app.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e87a0a4ea67100ecf0073972c688d535b91b6742d8f54017013b978ce2c18d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Origin
https://helopal.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19565
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 16:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 23:40:08 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/9.9.1/ 		112 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.9.1/firebase-analytics.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45d48e1d7e27224461b0b699f702ad07ca66ff00da3e98408c23b7de03a64c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Origin
https://helopal.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24944
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 16:01:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 23:24:41 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/9.9.1/ 		104 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.9.1/firebase-messaging.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e0f42bb7544f3b80a70a365cda8be4758b8c434aa31d6b13612c5f55b76d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Origin
https://helopal.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20223
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 16:01:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 19:14:48 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1696164081359292&plah=helopal.club
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1f7d0dd8fbf668376479186d5286de016e8cbde9625d228b21fac31e4b4f252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137696
x-xss-protection
0
server
cafe
etag
2259365752306513202
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:36 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame FF09 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4114
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 20:58:19 GMT
etag
12700215250743596434
expires
Thu, 21 Dec 2023 20:58:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4edc8ba60fc93980f7c796ebe81032a7fe8fa9de3c908f19a90c1faac7ca791b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30281
x-xss-protection
0
server
cafe
etag
900 / 19699 / m202312040101 / config-hash: 18357547353528918854
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:37 GMT
prebid7.36.3.js
get.optad360.io/sf/ 		520 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.36.3.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 17:33:33 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Mon, 03 Apr 2023 08:32:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
2150823
etag
W/"0a921f4d0ab6e1dce1061b3c4ed313ce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-id
_g3prW0g2peq8FE8jE9IQiXGAz_w3Iwu4QzWSAeUvX4Daca2ROEP8Q==
branding-ads.svg
cdn.optad360.net/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.optad360.net/icons/branding-ads.svg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 00:50:58 GMT
content-encoding
gzip
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
5321379
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
fXd03dQ7njcV3JufInUM0EVNYKGlCSwWSBzxM45dHbTKv3kDC2FJLw==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231208
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca997682d0dbc6da36f2262551bb2d69aac5a5d0ed13b876ecd74e874314eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39579
x-jsd-version
1.0.1897
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-vG+2T1zUrp2xQjeb9H33OriwzZI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y50GUPZdh9%2BHf6E48fOvJGUBe3%2F%2F4fexBml1R%2FxvHD8c7DdI44rbDX7mNNRZvSFMiboNuD%2Be%2BzCfyip4zzlTWakzqlokVwXQXH5Th82LrjnEk%2Bx68AeoC8dQDZ527vDzdbHXZgs6uo1oho4jIX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8325e1021ed91a86-FRA
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:36 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
978349
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sz%2Bhtc9s48w5oI5Ignd0crAWz6HjxIYgm4%2Fm0Tug%2F8y6V7d%2FjTM75k2iavsU%2Bh0Iq3sIzlAo%2BHLFpoNPa2793AR2tdZAZ1YbqXivGWYwNCK3RReKnf6wApdshDVwRk7JP8W%2B24KUQe1q09EM"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8325e10279561ca3-FRA
prebid-request
onetag-sys.com/ 		15 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://helopal.club
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=513654&zone_id=3082760&size_id=2&alt_size_ids=39%2C55&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=e4dc7d70-9b3d-4ec3-8f8a-54a1ab6f6ca8%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=a93c7968-21e6-4c3d-b098-9f2813972c10&l_pb_bid_id=4861d505f25b51&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0125&rp_maxbids=1&slots=1&rand=0.003770446855285714
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6c765580728797a4c4a1f6e3009a4543d25a8e7e2964337403ac224ec1f706f2

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=477094&zone_id=2872706&size_id=2&alt_size_ids=39%2C55&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=e4dc7d70-9b3d-4ec3-8f8a-54a1ab6f6ca8%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=a93c7968-21e6-4c3d-b098-9f2813972c10&l_pb_bid_id=54f4af03e46eea&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0125&rp_maxbids=1&slots=1&rand=0.289008239556257
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8b7ec456a0cf37c3d45f4764713d118a215b11c09296ca0bf9d7a2289a75895b

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
9f7bda6b0c8c48293f46860952db4d54390f81de655355dc7bad2e0fd419f6e4

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 15:00:36 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://helopal.club
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
/
ssp.wp.pl/bidder/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:36 GMT
access-control-allow-credentials
true
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
accept-ch-lifetime
604800
c
prebid.a-mo.net/a/ 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:36 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:36 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a64f924f7eecd0ef8d6b8fd672ceff3d645afeebc65cda4838ac089892fa1cd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://helopal.club
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:36 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
37ea8070090eb5470f64d57ca76dce72bb83db50a72f943643b6ab85ac49d094

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 15:00:36 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://helopal.club
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1982
Expires
0
prebid-request
onetag-sys.com/ 		15 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://helopal.club
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
fastlane.json
fastlane.rubiconproject.com/a/api/ 		319 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=513654&zone_id=3082760&size_id=43&alt_size_ids=117&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=e4dc7d70-9b3d-4ec3-8f8a-54a1ab6f6ca8%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=1fcb4b3a-574e-46e9-8850-6d4eeef7f124&l_pb_bid_id=233d479fd50206c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0125&rp_maxbids=1&slots=1&rand=0.2734713469381609
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4baba6636758b3880eadfeb99f51dff0038eb7fc5df1a0cbfd9eb4b9847080a9

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
319
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		319 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=477094&zone_id=2872706&size_id=43&alt_size_ids=117&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=e4dc7d70-9b3d-4ec3-8f8a-54a1ab6f6ca8%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=1fcb4b3a-574e-46e9-8850-6d4eeef7f124&l_pb_bid_id=244ab056c3a2eb6&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0125&rp_maxbids=1&slots=1&rand=0.648181023030769
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1d175839d8ff797dc46ee269c6876c21895dd6df126f4602ff8d46ee9e0416f9

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
319
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
ssp.wp.pl/bidder/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:36 GMT
access-control-allow-credentials
true
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
accept-ch-lifetime
604800
openrtb
adx.adform.net/adx/ 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
c
prebid.a-mo.net/a/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:36 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
server
envoy
vary
origin, Accept-Encoding
ads
googleads.g.doubleclick.net/pagead/ Frame 230F 		10 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&adk=1812271804&adf=3025194257&lmt=1702047636&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fhelopal.club%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636613&bpp=3&bdt=335&idt=273&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2867536099469&frm=20&pv=2&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=284
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1696164081359292&plah=helopal.club
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb7828000d896527d60d4866afd681d3766d4a367c3db1439c6d9b3a48900cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
1023
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:37 GMT
expires
Fri, 08 Dec 2023 15:00:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9589 		163 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1696164081359292&plah=helopal.club
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7aada0fa68f0a9dda2dff3d7832949c556844d593033eacbbd578ddd1096c934
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
47906
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:37 GMT
expires
Fri, 08 Dec 2023 15:00:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VWZGSQLZ5T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5346e5b0651c045c8381191ebf1d760cb7f39e108a9d6a50de49df5f00445472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86182
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 15:00:36 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 13:41:48 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4729
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 08 Dec 2023 15:41:48 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WEZNDFHJK0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136873609-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54ba65f2f0af00c5ee413e22e99f5cc42f3eab745ad0ace94d008032714c0e00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81193
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 15:00:36 GMT
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/ 		262 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.9.1/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f8bfefec2cd703c79b6f039fa4091160c9ff5a67d9d3b7d159924304517d869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://helopal.club/
x-goog-api-key
AIzaSyDHcMOju22-gYCaa1f3BVFqAFpu8C8D6vY
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://helopal.club
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://helopal.club
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://helopal.club
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 08 Dec 2023 15:00:37 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:36 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
719738
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yapImsH7JUhr%2FGm68GsZs0ReO622m3f096tAhvXaO0d8dWeKOw89yBIYpNLQJPyqiQPecaGN13c%2BgvNOgSAmE2zyTbu1nE2SaoKVCJHTxUN39E3xJVg3QM0%2FJ49ive%2FB3aZb8i2HQ%2BnErcsQ"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8325e102eed818e4-FRA
installations
firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://helopal.club
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://helopal.club
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 08 Dec 2023 15:00:37 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/ 		625 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.9.1/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25cb0c014feabd8c4c0d24c6f0c47e0375ec8bb12248da5bd0100fed5121604f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://helopal.club/
x-goog-api-key
AIzaSyDHcMOju22-gYCaa1f3BVFqAFpu8C8D6vY
accept-language
de-DE,de;q=0.9
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMjkgZmlyZS1jb3JlLWVzbTIwMTcvMC43LjI5IGZpcmUtanMvIGZpcmUtanMtYWxsLWNkbi85LjkuMSBmaXJlLWlpZC8wLjUuMTIgZmlyZS1paWQtZXNtMjAxNy8wLjUuMTIgZmlyZS1hbmFseXRpY3MvMC44LjAgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjguMCBmaXJlLWZjbS8wLjkuMTYgZmlyZS1mY20tZXNtMjAxNy8wLjkuMTYiLCJkYXRlcyI6WyIyMDIzLTEyLTA4Il19XX0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/json

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://helopal.club
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
488
x-xss-protection
0
c
prebid.a-mo.net/a/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:36 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ 		322 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=513654&zone_id=3082760&size_id=9&alt_size_ids=8%2C10%2C14%2C48%2C126&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=e4dc7d70-9b3d-4ec3-8f8a-54a1ab6f6ca8%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=4f589009-14c9-4d00-a1f7-a729c19748dd&l_pb_bid_id=36dd72077a3b428&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0125&rp_maxbids=1&slots=1&rand=0.2919573703228755
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1edfac5c088ed3e1466c757f9b3305cd19669b405a308d875feab389a01caf7c

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
322
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=477094&zone_id=2872706&size_id=9&alt_size_ids=8%2C10%2C14%2C48%2C126&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=e4dc7d70-9b3d-4ec3-8f8a-54a1ab6f6ca8%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=4f589009-14c9-4d00-a1f7-a729c19748dd&l_pb_bid_id=3790c77bf25fe08&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0125&rp_maxbids=1&slots=1&rand=0.20125209008313183
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2001c42b2ce2b362f5fa875d0d45cda31c83709d6592ce20040ad38e9eda556a

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
ssp.wp.pl/bidder/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:37 GMT
access-control-allow-credentials
true
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
accept-ch-lifetime
604800
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a44cc65f511f52da0151987fc2786a19fb311a97b5c4d7fb44c138fcf39e2067

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 15:00:37 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://helopal.club
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1982
Expires
0
prebid-request
onetag-sys.com/ 		15 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://helopal.club
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
openrtb
adx.adform.net/adx/ 		0
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
collect
region1.google-analytics.com/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VWZGSQLZ5T&gtm=45je3bt0v879222134&_p=1702047636536&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=865504423.1702047637&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702047637&sct=1&seg=0&dl=https%3A%2F%2Fhelopal.club%2F&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&en=page_view&_fv=1&_ss=1&tfd=1190
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VWZGSQLZ5T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WEZNDFHJK0&gtm=45je3bt0v9132638245&_p=1702047636536&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=865504423.1702047637&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702047637&sct=1&seg=0&dl=https%3A%2F%2Fhelopal.club%2F&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&en=page_view&_fv=1&_ss=1&tfd=1210
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WEZNDFHJK0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44808454&hl=en&pvc=2398167256370812
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1441285274&t=pageview&_s=1&dl=https%3A%2F%2Fhelopal.club%2F&ul=en-us&de=UTF-8&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=345977872&gjid=1145619009&cid=865504423.1702047637&tid=UA-176069477-1&_gid=1915370738.1702047637&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=25139529
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1441285274&t=pageview&_s=1&dl=https%3A%2F%2Fhelopal.club%2F&ul=en-us&de=UTF-8&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1527108518&gjid=602984699&cid=865504423.1702047637&tid=UA-136873609-1&_gid=1915370738.1702047637&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=867607720
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 11:58:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
10953
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 07 Dec 2024 11:58:04 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-136873609-1&cid=865504423.1702047637&jid=1527108518&gjid=602984699&_gid=1915370738.1702047637&_u=YADAAUABAAAAACAAI~&z=475453641
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 08 Dec 2023 15:00:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z45V12ZWF9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25b1808c891a37b3001543555622e93ba4b454cdffca4c6abf4ee8fbbe9f2ead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75555
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 15:00:37 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:38:57 GMT
content-encoding
gzip
age
2276500
x-guploader-uploadid
ABPtcPqNl0_c7mOVHVehFbpvBDCYrlpMq3zlKY0iT8ZNCSTUmKqOFKvvyge5cYXvjpEp3qctN1IhbOKtoVDeGx23F8-Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 11 Nov 2024 06:38:57 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 15:00:37 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
9XEJCTBGXMH6BWG7
age
2727
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8325e10589076915-FRA
x-amz-id-2
6lDvA/NG13Ah70SYz7rinfNBhtPRqYB8cRNAXOB0HrHMJ4cExka3o6S7+kAh+aqG5/Nc7+/gZfgdF9MgeI4iQg==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:6400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Fri, 08 Dec 2023 09:10:16 GMT
Via
1.1 1dd177f0f1668dc5abba6f90eb9da04c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P5
Age
30983
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
CJXDgLUtNu1-89OkLcbp-YU8iFC3rpAJ1y_imF0rEeN7ekZK4KRnew==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31187
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXmP8%2BchUkTGbZ3Zmxr8DkaRYpNez3dQr0psp2QUjxlAytJow9NxDQMtLmxk7oJe3cCJrDZyUcgST3WpU7Y8jih4md1Tjth7A5qOu6wzVk2MR49pL0cZ10whHSEQKa0sR%2FufB09FMrP2xYPgdVs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8325e105780e1c19-FRA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:16:06 GMT
content-encoding
gzip
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
38672
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
oq1YHVtADIIlArExdW8Ccz7XvLkfQmsfpsu6-I7Zln7Zlgys4WyILA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
735e4ac3b30cae2b5efc388f31625af3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		110 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2398167256370812&correlator=3481018421975161&eid=31079239%2C31078659&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=121764058%3A23001273585%2Chelopal.club%2Chelopal.club_o3b_display_adi_o3b_atf&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C320x50%7C360x100%7C360x50%7C700x100%7C700x90&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702047637330&lmt=1702047637&adxs=640&adys=111&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhelopal.club%2F&vis=1&psz=0x0&msz=320x0&fws=644&ohw=1600&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0L7Hz8QxSABSAghkEhkKCnB1YmNpZC5vcmcY0L7Hz8QxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGM--x8_EMUgAUgIIZBIXCghydGJob3VzZRjQvsfPxDFIAFICCGQSFAoFb3BlbngYz77Hz8QxSABSAghkEhkKCnVpZGFwaS5jb20Y0L7Hz8QxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPvsfPxDFIAFICCGQ.&dlt=1702047636278&idt=1021&adks=3810924492&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e59260c6a416d1eeb58e143a78d682756a37c15fcbcebe4bcdc1928f60e4eaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46336
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://helopal.club
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2398167256370812&correlator=3481018421975161&eid=31079239%2C31078659&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=121764058%3A23001273585%2Chelopal.club%2Chelopal.club_o3b_display_sf_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702047637338&lmt=1702047637&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhelopal.club%2F&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0L7Hz8QxSABSAghkEhkKCnB1YmNpZC5vcmcY0L7Hz8QxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGM--x8_EMUgAUgIIZBIXCghydGJob3VzZRjQvsfPxDFIAFICCGQSFAoFb3BlbngYz77Hz8QxSABSAghkEhkKCnVpZGFwaS5jb20Y0L7Hz8QxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPvsfPxDFIAFICCGQ.&dlt=1702047636278&idt=1021&prev_scp=hb_bidder%3Drubicon%26hb_adid%3D48b22b1fddcf1e1%26hb_pb%3D7.80&adks=3471947066&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b466cd5a743f6332582f606f9706ffa324496c9241f9e1f14b37c8e07a93df6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12534
x-xss-protection
0
google-lineitem-id
6378824136
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138446278896
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://helopal.club
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2398167256370812&correlator=3481018421975161&eid=31079239%2C31078659&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=121764058%3A23001273585%2Chelopal.club%2Chelopal.club_o3b_display_si_o3b_s1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x300%7C200x600%7C120x600%7C160x600%7C250x250&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702047637340&lmt=1702047637&adxs=1280&adys=161&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhelopal.club%2F&vis=1&psz=0x-1&msz=300x-1&fws=644&ohw=1600&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0L7Hz8QxSABSAghkEhkKCnB1YmNpZC5vcmcY0L7Hz8QxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGM--x8_EMUgAUgIIZBIXCghydGJob3VzZRjQvsfPxDFIAFICCGQSFAoFb3BlbngYz77Hz8QxSABSAghkEhkKCnVpZGFwaS5jb20Y0L7Hz8QxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPvsfPxDFIAFICCGQ.&dlt=1702047636278&idt=1021&prev_scp=hb_bidder%3Drubicon%26hb_adid%3D4931ed91ecff2d1%26hb_pb%3D7.80&adks=1457638999&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93dd9a1b61205da94e0b142633b384b9c2c1fd2bcfdec60e74984cfae50aeaa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12530
x-xss-protection
0
google-lineitem-id
6373202822
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138446985826
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://helopal.club
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A0EB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:37 GMT
expires
Sat, 07 Dec 2024 15:00:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z45V12ZWF9&gtm=45je3bt0v890424607&_p=1702047636536&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&_fid=fSxnALJVFUnbslbvNLAmo6&cid=865504423.1702047637&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702047637&sct=1&seg=0&dl=https%3A%2F%2Fhelopal.club%2F&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1509
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z45V12ZWF9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.142.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-142-223.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e74ea66f1736299c8aa9124abed99d4aac26e0abdded8e09baf4820efd5b258c

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://helopal.club
cache-control
no-cache
x-server
10.45.31.14
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helopal.club
date
Fri, 08 Dec 2023 15:00:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
9d53c079d4f5d303cd726649f4db9c21b8cc06b9110a980b9c20d793d9a315d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-lA3QUCm8EsvR/BKoG/Ua3avPD/8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helopal.club
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 08 Dec 2023 15:00:37 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://helopal.club
location
/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame EE27 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=helopal.club
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:36 GMT
server
Kestrel
server-processing-duration-in-ticks
307728
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame EE27
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=helopal.club&sn=ChromeSyncframe&so=0&topUrl=helopal.club&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=MA6CLHxaQTR4RC9lRWt6SjluVGs1Q2hXWkxMaFdVbUZMUWRHN2EvUVJ1MzNTVXFBN1RkTUQzL2RwbmRFaEN2V3hlRldDUlROSGVzZ3dMWlgwN2Y4S3krVWgwTi9jWUFEVXVmb2o4Wno3NmFmTU5yMDN4Yi9kS0JZMzBYdD...
425 B
662 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=MA6CLHxaQTR4RC9lRWt6SjluVGs1Q2hXWkxMaFdVbUZMUWRHN2EvUVJ1MzNTVXFBN1RkTUQzL2RwbmRFaEN2V3hlRldDUlROSGVzZ3dMWlgwN2Y4S3krVWgwTi9jWUFEVXVmb2o4Wno3NmFmTU5yMDN4Yi9kS0JZMzBYdDl3TXFFSEJ1anZFSC9XNVJncUR0K2lPekNtbHJJRmJ5d0wvN2ZXaDF1QWF4MFNyRzNpQzA3eTdTYU9Qcm5DZkJTcXhFck82U0VIcTRpaXlFWCtXMjdOakVPSyswV01TeWlZb1RsWW9BY3QvQlF6TnVLUThzUHRkWGNrbmhOdXhDQlFQN1BxanBHT0xsSng2bzJRTUxHNXRwRmsvcm94Y1NEVnJSTGdzV1FmVTh2RGx5Qm1yRT18&cppv=2
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0622f12b7efe23ffb940a420521eb6f170060657f51d81637cd14d21ecedad78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1448302
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=MA6CLHxaQTR4RC9lRWt6SjluVGs1Q2hXWkxMaFdVbUZMUWRHN2EvUVJ1MzNTVXFBN1RkTUQzL2RwbmRFaEN2V3hlRldDUlROSGVzZ3dMWlgwN2Y4S3krVWgwTi9jWUFEVXVmb2o4Wno3NmFmTU5yMDN4Yi9kS0JZMzBYdDl3TXFFSEJ1anZFSC9XNVJncUR0K2lPekNtbHJJRmJ5d0wvN2ZXaDF1QWF4MFNyRzNpQzA3eTdTYU9Qcm5DZkJTcXhFck82U0VIcTRpaXlFWCtXMjdOakVPSyswV01TeWlZb1RsWW9BY3QvQlF6TnVLUThzUHRkWGNrbmhOdXhDQlFQN1BxanBHT0xsSng2bzJRTUxHNXRwRmsvcm94Y1NEVnJSTGdzV1FmVTh2RGx5Qm1yRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
283171
content-length
0
expires
0
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 9589 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 17:28:07 GMT
x-content-type-options
nosniff
server
cafe
age
77550
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Fri, 08 Dec 2023 17:28:07 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 1E08 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 08 Dec 2023 15:00:37 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame C39F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 04:44:12 GMT
f3d12415f986ed3504122551351bc1d0.js
www.gstatic.com/mysidia/ Frame C39F 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 04:44:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame C39F 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
72325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 18:55:12 GMT
50459845d1cbd526a76ea757de42d266.js
www.gstatic.com/mysidia/ Frame C39F 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9842
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 04:44:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame C39F 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
72354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 18:54:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame C39F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 09:15:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
20697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 09:15:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame C39F 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
72325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 18:55:12 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C39F 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:37 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame C39F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 04:44:08 GMT
container.html
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6DC4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:37 GMT
expires
Sat, 07 Dec 2024 15:00:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8866463111437598340/ Frame 28C6 		87 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8866463111437598340/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85cbceaafb359c2c5a430bf996580c9269ca94b2fd643df5816fca8796e7d5d0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
17589
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 14:34:49 GMT
expires
Sat, 07 Dec 2024 14:34:49 GMT
last-modified
Fri, 11 Aug 2023 08:12:20 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 367A 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVI1gTlrPIQNQ4qq8YiK37d6TUTcN3qYpN2sWzQsAjdlpTsqTwzuITj-xpxoAEZnJpVAiAlsydZHteVnOLRXFMZbyt5ewQcf5HtRksZTtuYWmeo7x9chkQCcH9-xM69Lv1XqEkTyOMJcgPQHWCmnO3vZe8GX62tzaXFwlmpKv_i73LNPG44oeLQ2biICuNtYXywwMsOrupS10IorBvqCjtoh9RcRw
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 6DC4 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Origin
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Dec 2023 19:51:26 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6DC4 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
71548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:08:09 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 6DC4 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:00:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
72037
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6DC4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
593729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6DC4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 09:15:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
20697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 09:15:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0FC3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71598
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 19:07:19 GMT
etag
48472445140208031
expires
Fri, 08 Dec 2023 19:07:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6DC4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
72325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 18:55:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DC4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZuKIg2k2JE7YjdZWTEj9GIKI1Br1iSPb3_bs0GJjtTOYwjMocFZCtgOZK2lD51-sGz3zzTmR5GSM8lPIy37GOSUZesTas3O-bUCygItuTyck-WIc
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 6DC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqpErxsJwmnbyJr1a5r9M47dbOCuyMqMoSQFkz3BZl17xarUmTXpr3ITzFQlP7P60_UEUKU8RGsQgE4I8rMXq3kpO0pQ
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6DC4 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:38 GMT
truncated
/ Frame C39F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2a4f81bfb6ea085da3920d788715bfd3e3e43f0737cb1f871be910b77bb47d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 28C6 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8866463111437598340/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8866463111437598340/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 07:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
28035
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 09 Dec 2023 07:13:23 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 28C6 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8866463111437598340/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8866463111437598340/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
71598
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 08 Dec 2023 19:07:20 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0FC3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDZlZDhA3pXqMP0N1p1p4Uc&google_cver=1&google_push=AXcoOmTia-CBq4nU2yhEIwq7Zq0mCxUIYpGPa_eiT9zQjv7szp3WeqDJr1vkH26uemt_3nU1Rkz6In6-tdu7psX8OrlIMQvQT3useQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc5MTExOTQ3NDY2Njc3NDcxMQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDZlZDhA3pXqMP0N1p1p4Uc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDZlZDhA3pXqMP0N1p1p4Uc&google_cver=1
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 08 Dec 2023 15:00:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDZlZDhA3pXqMP0N1p1p4Uc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0FC3
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBJ2w9rC19yGH3WR51Jnb-8&google_cver=1&google_push=AXcoOmRBfFppHtCIpxLGMJ8N0J_ucpBIu5lowZy9vWA3y6uYarxy2PWmkud4jUr8K4aCKLTubGlO5aU30XLSgAC1pnpPd7iIWW4Z
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862055548164&us_privacy=1---
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862055548164&us_privacy=1---
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862055548164&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0FC3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSfAZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cMafUhNvb4TX_w_vRfud4fN8KwvK9gjGyvCmcg&google_push=AXcoOmSfAZr8XX-WFE4KT4AfYKUV7C8dosK545gkxSMoZfmJx5vuc_D0x9g1NCz4i_qtsTJBHQQJyItCRrm_...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cMafUhNvb4TX_w_vRfud4fN8KwvK9gjGyvCmcg&google_push=AXcoOmSfAZr8XX-WFE4KT4AfYKUV7C8dosK545gkxSMoZfmJx5vuc_D0x9g1NCz4i_qtsTJBHQQJyItCRrm_6t_A4kLZIHJW4jDN2A
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cMafUhNvb4TX_w_vRfud4fN8KwvK9gjGyvCmcg&google_push=AXcoOmSfAZr8XX-WFE4KT4AfYKUV7C8dosK545gkxSMoZfmJx5vuc_D0x9g1NCz4i_qtsTJBHQQJyItCRrm_6t_A4kLZIHJW4jDN2A
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
918650
content-length
0
expires
Fri, 08 Dec 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 0FC3 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPh-j04kpOhW6yv98KCOog0&google_cver=1&google_push=AXcoOmT1q750KLyPb3wjn6NQzMIWlapjVQpsf0B0Du25saKuOnxoXriWzIKx1YvIptvA1vkLAslnmejYJRAcBFQHUhEfrIepHWkvdA
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 0FC3
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGtWLncXG5nY5ES6hc4zJNQ&google_cver=1&google_push=AXcoOmQNcNFxrapvP1w-QBRDMT95CaRyKnr03uJ8gMZCSWwdcaao-pF0Mn1S5kCxOWHxyeduRo2fqgmfREvdUSyP4x5Ixlk_OuTUsg
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQNcNFxrapvP1w-QBRDMT95CaRyKnr03uJ8gMZCSWwdcaao-pF0Mn1S5kCxOWHxyeduRo2fqgmfREvdUSyP4x5Ixlk_OuTUsg&google_hm=M3ptbVZlZWtreGV2Y2...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQNcNFxrapvP1w-QBRDMT95CaRyKnr03uJ8gMZCSWwdcaao-pF0Mn1S5kCxOWHxyeduRo2fqgmfREvdUSyP4x5Ixlk_OuTUsg&google_hm=M3ptbVZlZWtreGV2Y2tJVHhaUkQ=
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQNcNFxrapvP1w-QBRDMT95CaRyKnr03uJ8gMZCSWwdcaao-pF0Mn1S5kCxOWHxyeduRo2fqgmfREvdUSyP4x5Ixlk_OuTUsg&google_hm=M3ptbVZlZWtreGV2Y2tJVHhaUkQ=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pub
cs.chocolateplatform.com/ Frame 0FC3 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEMD54A6Vy2ucvOAmWYIZzu4&google_cver=1&google_push=AXcoOmTdwklE9biKD0AQmF9l0I9mvzdSSTACnPrsGYARI7_Se8tMG03VpzlE6r4HmnIC6Av_VQ7J8Iruxlh5QRetwc4NQe6DPWqiIw
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 08 Dec 2023 15:00:37 GMT
server
CookieSync Server
content-length
0
0.gif
id5-sync.com/i/495/ Frame 0FC3
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJX9RQf2TzNvhwzBhF_oqlI&google_cver=1&google_push=AXcoOmS5L50uX35lWDbl-yf34HWibsmzwhhx5pqLgxN985fkt01PuGwLaatb3WzwI3dtHFUiOSRfAZeeICULnD80LcjMcazN0CM2itI
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmS5L50uX35lWDbl-yf34HWibsmzwhhx5pqLgxN985fk...
43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmS5L50uX35lWDbl-yf34HWibsmzwhhx5pqLgxN985fkt01PuGwLaatb3WzwI3dtHFUiOSRfAZeeICULnD80LcjMcazN0CM2itI
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 08 Dec 2023 15:00:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Fri, 08 Dec 2023 15:00:38 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmS5L50uX35lWDbl-yf34HWibsmzwhhx5pqLgxN985fkt01PuGwLaatb3WzwI3dtHFUiOSRfAZeeICULnD80LcjMcazN0CM2itI
x-download-options
noopen
vary
Accept
content-length
274
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 0FC3 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LC0fmna_Uf5qLPyQeIhA6PcVF_zCd-vV0eyUaxK30wFu8zkqPRJVaVzY2R79vJl_r9Ly2gbQ
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 46D9 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
280153
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 09:11:25 GMT
expires
Wed, 04 Dec 2024 09:11:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 367A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDsui0N56Y2pW9-U5Ys8q-g&google_cver=1
43 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDsui0N56Y2pW9-U5Ys8q-g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVI1gTlrPIQNQ4qq8YiK37d6TUTcN3qYpN2sWzQsAjdlpTsqTwzuITj-xpxoAEZnJpVAiAlsydZHteVnOLRXFMZbyt5ewQcf5HtRksZTtuYWmeo7x9chkQCcH9-xM69Lv1XqEkTyOMJcgPQHWCmnO3vZe8GX62tzaXFwlmpKv_i73LNPG44oeLQ2biICuNtYXywwMsOrupS10IorBvqCjtoh9RcRw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7v5W%2B%2BiN44CKqfGF%2BFrUdltZpv83iClm428ib%2BQJufN86yzU2I8Z%2BV1dya5DdVPaQPk4D3UexX%2FEBNq2qIdHutsdr6Xlvl5KNyaWYXIWYXaf%2B2LhMbsyf8NnfEJYvAyQx5U5dRTkKsv2GA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8325e10a799665d4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDsui0N56Y2pW9-U5Ys8q-g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 367A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXMvluj9bPEAuhYV6-22OwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDsui0N56Y2pW9-U5Ys8q-g&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDsui0N56Y2pW9-U5Ys8q-g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVI1gTlrPIQNQ4qq8YiK37d6TUTcN3qYpN2sWzQsAjdlpTsqTwzuITj-xpxoAEZnJpVAiAlsydZHteVnOLRXFMZbyt5ewQcf5HtRksZTtuYWmeo7x9chkQCcH9-xM69Lv1XqEkTyOMJcgPQHWCmnO3vZe8GX62tzaXFwlmpKv_i73LNPG44oeLQ2biICuNtYXywwMsOrupS10IorBvqCjtoh9RcRw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFeqfMaO3YkI4OL47SCznB1jmS3IcZThWeFBXqhvlfZDXF9WtTmuZo3nIQQiD7GfU%2FWbxiGOAJIsiX6chlJzzApX%2Baa0IPUK%2Fd4XgmHhGOMl3r0QFzCU7MkHo6O7YdTFMOlnAPGayNFpeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8325e10b0a6c65d4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDsui0N56Y2pW9-U5Ys8q-g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 367A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELjzhzduINpfKYtSpLQK-UQ&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELjzhzduINpfKYtSpLQK-UQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVI1gTlrPIQNQ4qq8YiK37d6TUTcN3qYpN2sWzQsAjdlpTsqTwzuITj-xpxoAEZnJpVAiAlsydZHteVnOLRXFMZbyt5ewQcf5HtRksZTtuYWmeo7x9chkQCcH9-xM69Lv1XqEkTyOMJcgPQHWCmnO3vZe8GX62tzaXFwlmpKv_i73LNPG44oeLQ2biICuNtYXywwMsOrupS10IorBvqCjtoh9RcRw
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
an-x-request-uuid
c47da896-7b1d-45c6-a845-d1e0925e034b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.153; 185.213.155.153; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELjzhzduINpfKYtSpLQK-UQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 367A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEwODEzMjIyMDcyNTQ3Njk3NA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEwODEzMjIyMDcyNTQ3Njk3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVI1gTlrPIQNQ4qq8YiK37d6TUTcN3qYpN2sWzQsAjdlpTsqTwzuITj-xpxoAEZnJpVAiAlsydZHteVnOLRXFMZbyt5ewQcf5HtRksZTtuYWmeo7x9chkQCcH9-xM69Lv1XqEkTyOMJcgPQHWCmnO3vZe8GX62tzaXFwlmpKv_i73LNPG44oeLQ2biICuNtYXywwMsOrupS10IorBvqCjtoh9RcRw
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
an-x-request-uuid
4b37cac7-c176-4890-b95a-3ab8fe5d31fa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEwODEzMjIyMDcyNTQ3Njk3NA%3D%3D
x-proxy-origin
185.213.155.153; 185.213.155.153; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 6DC4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc410cf6750249cfbe5c6c2b1e37a11d399d97261da2b05f927beb7b52908295

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame C39F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cf0iIlC9zZYL_OfuVjuwP55-1qAa02ty-dNO248jyEcCNtwEQASDJtI5-YJXikIKgB6AB1tva_ALIAQmpAkTJ7AB4LoE-qAMByANIqgTMAU_Q_v3750MIfA5YSGFk74ja2vbkcKaWFmyaNSA...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224702845543093533744%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224702845543093533744%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225219894138770725905%22}&andc=true
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"4702845543093533744","debug_reporting":true,"destination":"https://4kzgame.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"5219894138770725905"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 15:00:38 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4702845543093533744","debug_reporting":true,"destination":"https://4kzgame.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"5219894138770725905"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 3A8F 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1702047636&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702047636616&bpp=2&bdt=338&idt=292&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2867536099469&frm=20&pv=1&ga_vid=865504423.1702047637&ga_sid=1702047637&ga_hid=1441285274&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079865%2C31079921%2C42531705%2C44809005%2C95320229&oid=2&pvsid=2398167256370812&tmod=1911696006&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
275343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 10:31:35 GMT
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 28C6 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
275343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 10:31:35 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 46D9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 14:57:15 GMT
320x50-IHG-EN.html
s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/ Frame 6497 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/320x50-IHG-EN.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6707e35e9d8bc09af866d0a7a34308cea6045dfd5afcc9ae36427e612a312e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
156467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2388
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:32:51 GMT
expires
Thu, 05 Dec 2024 19:32:51 GMT
last-modified
Fri, 22 Sep 2023 14:31:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 6DC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuiUwILavqlZXMC2sqFs76FkLURiuedjM1gDeCoJe_kkHUZe42dok__Myf8sOJKwM1FmR5bsKeFr7vQtWgdfeT2-qqwi2JC6LpfuJ8ywxY7Er9V2TE66xyrH5swnhVz7Sx9lyQwuDfi5-p4WKEHB1fd4d-01wcRIkW5swCNKGVT3UDiUXevll3paaFW8su1vuk7o265RbqN8ehNLGObKHgtyXMcCN-NKn7S57augNYLlYVI-dF8VITFT6AMGFLkwl0-0Vq7f_dakcjg4Zjod19-RM1U0xAiDNnYWmgcjm83P3gi4ZxmEzhBVOXrFOvT7QUE5_pD1Kd-DlkY2G5rweHuzRB-vOIF8Hi7C8W4TEvWQYbYsBKy1WpqImEemxsEo49HY-oRgrjJrqoti791IPs0OGDLaT7swGETt7be5EB2_Ulr5dXEmAUzL7rW-swYfcTh0ikUpK6ZhLfv73-Wbsvw73pcdnGgAt8DFEye-3VYZjAl6SsA2FzzzRrAmQW1j0PjANer_5uL91nivodL1fPCS3fFnuK_YmA0yVCNHll-lGH3ljAwjTNWWmv6jNFiR8o-NtFsnU7sekXwKicuPia63OHIMFEHUnsYTviczOiLJUZVusVPzPPGZLdHDjoB-I9Z99PnBnlEB7IJqzmm06E1xyU4mDDkTJvxrvYKC5x_UJ5wf2RngSrS6MBDwsXhL1oYmMTogezwNuI55sYIf5yZ3Q6Ut9iPkDAb-Q5g5zeUXtWc4NZXVQNE4eFRQ28eaKRNrsatH7HJxhD2HNNInaA_XXwsu0BbuOzKC6j-ZSO3yI1iR9A7Fb0xaYM3UJxk1ZctySVlFpuXdrH5Tz4AOx0-SB_MhWIhIQAlpG9cW8cURBJY8GaqR3uK9JTi-mRQnDMGwDwxelPTBT94X4oZq3GCsOBlkKZglr87NkxLvogMnV4meqYBws7Vmc4rSq0w5I6dDCWvK6IBrIBJtuqmq1fOw-j-cYk-b_NGIVykA7lsEMwGWdKehxAZ2vKpDYqLfBDUKfjeQNf-LKgG1hGdahwJqbstDPvAJ8lFojKtHuqwoB-dZgWhzFTXetRlmTneMFx8QT9MMtwDMukYaW7LZyiBoWZYuWErx7FxorbZ53BZj5WfwJ-gwbrD9gN-0nDunNlx4RsQmVRZZRf1fZ530F9jnXOcuNEGtCKZM1u9fLNgDdXLi8IsAOoITiWsEEURgtr0DVaDA4rH_MWWT-d5djPJZKCoyQLdekuB3BbdNJa-QRIZMX0UY4h2KNdPSWgxibtTMvzPuUdX-wPpylNsChY6aEucUEkDZDvvE2Lwg_NX9NjzRIsnKMFli6ououALDlF5wla4aQL4H7-JortfxJPncI6uV2mhbAkL1esHsNLhopcYos-KvnM&sai=AMfl-YRu3vcYyF232IKMTXR-J49IDtwjf5HiZe8LoBlYTCdpJ3v6sQnFxae66b7WnLxl5QkNicdTa_pX0W_EC-Bt_hzMIU2z11hUFGL1oAOMzYB5vyaFxu2dz-r04SZRrzMfhFjmMcvoZOEhAJdXLLO1F57M5Pl2VYMH8RukvIMfIYF0IbfNT9edvTJmtZJVJrgrvLNlyYy2Ely_L2lDU2EmaVshsmRJV38Kp-CsV6lDIMaCE12iPRlXoA2xlohW_Xjin9wIOj4XK6V4jBZKszKCB46LbAqewjmyo5ChRs3k9eCzjv8jFhGwC14L5vXRFq5YCHhIBFS0s6XxKxBFCLyvrxhITxiesCHF3u6SF1Xtip9p1PBGHYEVvxdxtigkIx7AE9FhmLVlnSbcDFETNLWGfXGj_RI4gUcwrjCeRZY_2RZZ30cospKc0Q&sig=Cg0ArKJSzJUjj9_asUbDEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9paGcuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=240&cbvp=1&cstd=238&cisv=r20231206.65127&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
firstevent
ihg.demdex.net/ Frame 6DC4
Redirect Chain
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199600097&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=2120323161
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199600097&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=2120323161
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199600097&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=2120323161
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
52.17.48.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-48-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-08513f95b.edge-irl1.demdex.com 4 ms
pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
0FdLJkcvR/4=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0994aa89c.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
YCyrqzmHQ1g=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199600097&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=2120323161
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224702845543093533744%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225219894138770725905%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 08 Dec 2023 15:00:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 46D9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B12pclS9zZb38GPza1PIP-L6RsA8AAAAAOAHgBAI&bg=!2tml2ZbNAAY3kmNgF5I7ADQBe5WfOIdziPIMJhG0gSZzpeFFHiQ36t01_kNdNIdth13Aw2nl7AE5ZaoNCwDRQCvQXlrjAgAAAEJSAAAAAWgBBwoAEB6spzvonjMj95IEWacryHGZAy3WGPtORswA73guJNU9FU_kqzwHNMz8RPXE3HYyW-wWL5xllj16qZVDjXjw6arqNFKJVB895d_31GsloSNuEYAIKqEvdcVCbpRguZjjNPO_RugVjEweaAh8kt1uTjv-SwS_xx20uGk0hVRGyGxyPN3f2iGcGVbEhDpZd2ANjJAwAnlII_8VmuT_utTuqw4sSPNNcntGelS7iGyS3RrsoNEJGGhyQDC_e70gSIUA7cL6wk3F23VwBiVIv1MFq-fZ2-N7N3lyTRt80RDeTAW04lWEpjd4u0WcHE7nMQ1qvnB7cGPZpRMPssAepPH7wrQy5efyE9k1spmWiFmrrTAHkU8exfaiAKQemBy6TMCHk03JhhDWJJNQqRI89LBLwpShRApZeyju4iVrD_NAuQyAFK5KSBBpA83Ruh4SjxcY9jTQ6exmA7H4RaORMhUR3xznNtbWFTfO8QvQ4qKZ9Qn3_XEY_BuhzM5j-yOAWLBRWHWldxE9QWfzBslm3ySsEMB-7Hdd6TGtfx_tMBiVVM8UhSXvJ1eYBhuQVH-fBO4ZyBrhCIr2h-gI3YRd-880lHMiTH-FZL5PLJma8A8_t24oUfdai2lmaHRHL3jP16DuSWr9P1ksqxw0VPMg0MnQ7IF6b2e5G4I0cK1Ntbq4f94KKv3t93bnOoLcRrHHyzbL_20XqSGnADbCaJc3ri0fz1ES5XJkIqnn190a5tn9WGLnKWYZv--E5jbDjEznNqfTG88EI7JNnWbKo7ZG5BusuWNQ1O9ReFyq6Bmt1s1G-bJSuQT8VXcZBr6ftorS0ilrjMN_KCyovHrr6AFb5kU0_7WNZ0QMFRKiriVrRvKiV79IhK2VQxBjK59XGHhJ-Is_X-IrbQX3DNr3-wZcHxiOl2m-adJuu5oktYrwhddRJlDYk2nUsN_3MlI6rYSIjEbWN3yz2w077H5pWp3GX17M3Wl6uYGp9lR7IkpPMFgU0H9D5w8S4eW_SETXBGw4Uu3X3HC30j-A43805STFEoI-0P5VH9ft6DXf_hM-wjjbD9vYZKtYDLQcObfYo7vRJRy3gvYMofSmMPhzaT7JlDOdXfU
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 6497 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/320x50-IHG-EN.html?ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7ed6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Fri, 08 Dec 2023 15:15:38 GMT
320x50-IHG-EN-template.js
s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/ Frame 6497 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/320x50-IHG-EN-template.js?1643315046007
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/320x50-IHG-EN.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37347237fd275e5e05d7da1ba74a92a06c58c89ce83a52f376f9971c5a34d111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/320x50-IHG-EN.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 16:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166905
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5467
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 14:31:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Dec 2024 16:38:53 GMT
container.html
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 31A2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:37 GMT
expires
Sat, 07 Dec 2024 15:00:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
_320x50stroke.png
s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/images/ Frame 6497 		267 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/images/_320x50stroke.png?1695325265896
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af27fd178a5afc293b54611bb56408ee12491b153053bd7709f754abe00d1c57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/320x50-IHG-EN.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:50:20 GMT
x-content-type-options
nosniff
age
583818
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 14:31:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Nov 2024 20:50:20 GMT
view
ad.doubleclick.net/pcs/ Frame 6DC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuiUwILavqlZXMC2sqFs76FkLURiuedjM1gDeCoJe_kkHUZe42dok__Myf8sOJKwM1FmR5bsKeFr7vQtWgdfeT2-qqwi2JC6LpfuJ8ywxY7Er9V2TE66xyrH5swnhVz7Sx9lyQwuDfi5-p4WKEHB1fd4d-01wcRIkW5swCNKGVT3UDiUXevll3paaFW8su1vuk7o265RbqN8ehNLGObKHgtyXMcCN-NKn7S57augNYLlYVI-dF8VITFT6AMGFLkwl0-0Vq7f_dakcjg4Zjod19-RM1U0xAiDNnYWmgcjm83P3gi4ZxmEzhBVOXrFOvT7QUE5_pD1Kd-DlkY2G5rweHuzRB-vOIF8Hi7C8W4TEvWQYbYsBKy1WpqImEemxsEo49HY-oRgrjJrqoti791IPs0OGDLaT7swGETt7be5EB2_Ulr5dXEmAUzL7rW-swYfcTh0ikUpK6ZhLfv73-Wbsvw73pcdnGgAt8DFEye-3VYZjAl6SsA2FzzzRrAmQW1j0PjANer_5uL91nivodL1fPCS3fFnuK_YmA0yVCNHll-lGH3ljAwjTNWWmv6jNFiR8o-NtFsnU7sekXwKicuPia63OHIMFEHUnsYTviczOiLJUZVusVPzPPGZLdHDjoB-I9Z99PnBnlEB7IJqzmm06E1xyU4mDDkTJvxrvYKC5x_UJ5wf2RngSrS6MBDwsXhL1oYmMTogezwNuI55sYIf5yZ3Q6Ut9iPkDAb-Q5g5zeUXtWc4NZXVQNE4eFRQ28eaKRNrsatH7HJxhD2HNNInaA_XXwsu0BbuOzKC6j-ZSO3yI1iR9A7Fb0xaYM3UJxk1ZctySVlFpuXdrH5Tz4AOx0-SB_MhWIhIQAlpG9cW8cURBJY8GaqR3uK9JTi-mRQnDMGwDwxelPTBT94X4oZq3GCsOBlkKZglr87NkxLvogMnV4meqYBws7Vmc4rSq0w5I6dDCWvK6IBrIBJtuqmq1fOw-j-cYk-b_NGIVykA7lsEMwGWdKehxAZ2vKpDYqLfBDUKfjeQNf-LKgG1hGdahwJqbstDPvAJ8lFojKtHuqwoB-dZgWhzFTXetRlmTneMFx8QT9MMtwDMukYaW7LZyiBoWZYuWErx7FxorbZ53BZj5WfwJ-gwbrD9gN-0nDunNlx4RsQmVRZZRf1fZ530F9jnXOcuNEGtCKZM1u9fLNgDdXLi8IsAOoITiWsEEURgtr0DVaDA4rH_MWWT-d5djPJZKCoyQLdekuB3BbdNJa-QRIZMX0UY4h2KNdPSWgxibtTMvzPuUdX-wPpylNsChY6aEucUEkDZDvvE2Lwg_NX9NjzRIsnKMFli6ououALDlF5wla4aQL4H7-JortfxJPncI6uV2mhbAkL1esHsNLhopcYos-KvnM&sai=AMfl-YRu3vcYyF232IKMTXR-J49IDtwjf5HiZe8LoBlYTCdpJ3v6sQnFxae66b7WnLxl5QkNicdTa_pX0W_EC-Bt_hzMIU2z11hUFGL1oAOMzYB5vyaFxu2dz-r04SZRrzMfhFjmMcvoZOEhAJdXLLO1F57M5Pl2VYMH8RukvIMfIYF0IbfNT9edvTJmtZJVJrgrvLNlyYy2Ely_L2lDU2EmaVshsmRJV38Kp-CsV6lDIMaCE12iPRlXoA2xlohW_Xjin9wIOj4XK6V4jBZKszKCB46LbAqewjmyo5ChRs3k9eCzjv8jFhGwC14L5vXRFq5YCHhIBFS0s6XxKxBFCLyvrxhITxiesCHF3u6SF1Xtip9p1PBGHYEVvxdxtigkIx7AE9FhmLVlnSbcDFETNLWGfXGj_RI4gUcwrjCeRZY_2RZZ30cospKc0Q&sig=Cg0ArKJSzJUjj9_asUbDEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9paGcuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=514&vt=11&dtpt=274&dett=3&cstd=238&cisv=r20231206.65127&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 31A2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:25:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
318924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Dec 2024 22:25:14 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 31A2 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3519
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwMdk4brEBoonKFXY7LYxk0FVSnVJEb0CQQ2Ewtug8NqUg4QMwkp4uCvTUyZraQPssIvq0ty6JcdAAvxEXBNH6gMmGO1Z480triVStd4yNykVC3poRl6xSdmsjEdpyAjpKJ3pcmJRLHteeAJVO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8325e10ca8831c19-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 31A2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:38 GMT
HIlogovert.png
s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/images/ Frame 6497 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/images/HIlogovert.png?1695325265896
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f98cfe6d95e7ca6c6d14d3b34d959052eee1ed7160418d5e3922aeed6f9acd46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6611297739646959616/320x50-HI-DE-refreshed/320x50-IHG-EN.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 23:41:42 GMT
x-content-type-options
nosniff
age
314336
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7390
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 14:31:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 23:41:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 31A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlE_6OQC_J2XHwfBGyxZqKHXnxW3OaqMQuq9JAcXCg-tjGLo-yjxGWvwWAk2AbisGtSFB4IvrNtxp_YqaSBY0AmFUX7m4JT_8XqC0XMH2J8-Iyin5uh67vfMlaa3IULzybRNc1XN7i6Qm8TY8k-iRT8Bsb7E3XRFfiisfDXZIYJDZB6iwhrpHntMmUvSFPYHKBhbT4JXy6tYyK8e0JsR9jekUaWkCYUDHo4inU1hefdKSP7KE45Oay-pr5i52C02V03U7mHuXX7YkWEnqHp2D1eQVFFIaUzmcJ_D6PnGFistaRR_27zOV9U2zLZiZfr3iU9CmGNwxMsLtlcEpkA2bCEtDcD6ocxvOOHAPWKRZDSEte1Wj3_TwW7xKphlhdc1QNT1PAb7jp4zac6H8&sai=AMfl-YQ_au4P6bl8p9BoZWxc7Nl0zTjHpyp4EPOVxBd_5pY3W95g_HZUUXNHxxnFwp4Lx7rnZ9nkpJtPzUEIKEi3sj2VvuhjQIVpjqfe80STXAO9MFeWW6mWIY3NJ9YNWKz-Rf-7LIjYz-9XEg&sig=Cg0ArKJSzMSs0h8gXuT6EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame BADC 		281 B
124 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNV133zMeCJ1J8S64L_mC42wS7jusH2aBTJZd4xFNk8eAsosgQrhshyVxCICH2cHIcJ4iRa6cfG2oC4scuq1vwI8cZifisA4v73Af1EgbOBqnUByU_Y
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E701 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E701 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BrcTO5T9r0Ss_ss0SZ0to4pnnPu016rkdFqGCG-uMWpXfZxCLIJraIuCQtdSDt0yjuYyKU7-4cgenN0AXuPsAqOeqdDM-sA5nhSB2wtH0U3W65Lks
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
606a40a2-0a69-46cb-9863-1021de7a5f6a
beacon-ams3.rubiconproject.com/beacon/d/ Frame E701 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/606a40a2-0a69-46cb-9863-1021de7a5f6a?oo=0&accountId=20988&siteId=513654&zoneId=3082760&sizeId=2&e=6A1E40E384DA563B233262DBD959DA65F4AAC23BB2F61E122628BBE74AFB4B952DC4B5039FFC686F5AAA79937752CF5CB8B520C6696685691D97CEC6F14526E4B86F7EFCF78E14579B145C2331B70111A1552769D52910BE9840C8F09794715290C0375E4938D1A4A2F6EA20F5D9FEBE82F5DF222211DC5CDA7C2277C8E8C8434E6FC96756E5E571CDB72F07131AAB53019676A0A6E9D501C52FDFC6BEC2D41E0A4DCF435E00C7B4F23284E4AA4490E99203DAD93E2DCF24CDA10306204D320B
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 31A2 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8cf56b4a07234b3d6b7958cf7b41b43d1adbdf141ce8ce81fa11621bfd4a586

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
generic
match.adsrvr.org/track/cmf/ Frame BADC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEHQeBuViFPkjQci_Qzg1LJ0&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEHQeBuViFPkjQci_Qzg1LJ0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=8454f4ab16f81f8613ffb6bcc59494f6&uid=8454f4ab16f81f8613ffb6bcc5949...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNV133zMeCJ1J8S64L_mC42wS7jusH2aBTJZd4xFNk8eAsosgQrhshyVxCICH2cHIcJ4iRa6cfG2oC4scuq1vwI8cZifisA4v73Af1EgbOBqnUByU_Y
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:38 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 15:00:38 GMT
Last-Modified
Fri, 08 Dec 2023 15:00:38 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BADC 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNV133zMeCJ1J8S64L_mC42wS7jusH2aBTJZd4xFNk8eAsosgQrhshyVxCICH2cHIcJ4iRa6cfG2oC4scuq1vwI8cZifisA4v73Af1EgbOBqnUByU_Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E701 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2410469703603&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E701 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2410469703603&version=m202309260101&ct=76&x=8&cor=5259701006572973000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E701 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAzeupuEErSOeih49AkAjypLDfwCOG12xRsiCGZhQ1iuipKQKPG5_JgWX37UoAyY-yRcEoEs9SehNn1DgOUNN4j4m5XOg_tEF_XcAvuRGLY27i7yMRtMsclDQerNNbNfXFmf-59Ut9mavisJhxQOes64ePieG27za6QiRyKuazpg6u94w&dbm_d=AKAmf-BRrlr9y-cFtSvRPvKAdvfcktnUJDcyGYv03GTDD993RW0bySwy-eI18cc4Z62nziu-0YnM41Z0iGXAHRpEhPKoMgWnnLq9h2A6HKkUE6Twme2Pexpom2OR3HZNRZATqG1P6tOBtjQtC68qsesqF4-WHXVfw5_5gHNfoGc9zJRzleQl5jJTOdQlPpZK4SEB5g3omkpLMybIffWDMcRZ1syPkXkfUYkoex8Jbu23n8BPaa0A5alral_IsZ_5rw0ZWWEwSBGwhLMjtoht8oG8G9TrbZx4iWMipJc2aLoR5xIzEWGGJeBytpJMJb2lVAtbbIHgDK40Ntw1RXvwv9-txCmGs9Fieslw8_-yJvSoO4-FQu-8ofQSrVSFqrfe3rnunLa-laOFNLy1JveaaGK2hRVqJBwlxMgbMi4IpJyU2bgHUt92zYe-4lZC-x5Kq3U6pAjWrjiI2hXunjtX_ZqaTeBWPZ7aNDpTCwE7ntDfT3K3v5BKput0R0Q5gmpBhiFd6c8kyN9oqvy36vR2jxPyGAz7hAtLiBjVmsxMzWF1gFjzh0PyWGi8bdK112zCjJsFLmgTJT0OvFDxn1qbgYLWtC33NaKc5ZK8Ur7uOA-WcA0TVyAqBDjGWTxNt8SmUDafUHZvP6DjnfkPqHoViHB4m3Bq5bOR3BluBYEqngzxRWqDwW2AY8YLqBc53fpjYoVrNP7yf2hjJoqssw52NFYwFGWnojMrhFOWGCnkS-B-OM0fC4f2ErVBp8H0Gj5FOCmsGtlisv7qsbGSANA0amljxNzouncOkMglp67IBQFQkq7kE1TgaKqPEhCHOucoacxlAjH4Nd-3uyzhurtmRd1QB9t_Y6pApbeipqBO1rM2aBwqiw-an-15P0yeDe47SB6u0utJScn4uOeeg4Irfc0gDSWer6iVHCodUARtzMbws44ffAOGrwZxUXOBTdpbxR9WktQZrpZc8lbR2Xnov2-Lrpmy3kmzMv7uX6Z-xrinHjIRaPULbxKw-s8r0Ojno93kXoUPdAljxR_EuM2Li1Ci3e_hq807lkeIJIvq2khnoZjcf5d75fb99N9QUiAZQbpneFk1-l9Bq3g-fTeWWYglOOD0P7lZYP-1qm3Kd5PMEPsPpTpLX9CQa8O4-uZzTnnRwSZaPS3c5Ltqdv_O1jr4wX_-ng7BN2FfdPvMq_9njFO_eRBmPqVDBAQwArMGaKUEMURV721r2MuYYbWxRI16dUx-bmXldSN5Zgjx9WulxWzOkxaFOzjQzNFDChbkrbgJr5LZbyk4_sDNJ8axS79HIobvwi0Wpbx8344Te9vPRJ1xbzQMGc-yrYd339EDBy13ZZXgUmJKNQlVbZxC3fT2IMCE_34R-plTzt0rb2ByJxZGEIXr_wAVGmWN-5wtJzgx9_Zd9z7dwj9RRHLRYYNicvxAKCDvPGQDmLbbpXoePN4LyGORI_ldae3X9pxcocQGU3HkiwputYRbqxwAraBL1pITdAqVekukjZFE2JMnLi4Vd6-EvIQ1tScH2FkMGuB5fmEXrl51aR2PbKOTS1WLxLKKl1AAnwccxDFYIgJb6dg2nFBsnws2wuTyKzp9vc8wJtrkJGoe74kPcb5aiYxSH0T3kkzbFlg9wgAR__biGNNaw9qu4v_xLR9VoeDGRx2f61sTlfl2Sh4xwmqh-7fDh_zr2h9U_vzzlxbDXlaTBEZZPglVap9lbjCAjHVvjjb2WJb7eA8tgoEdREEOIe6weYMe-Iws1MPwPSJUH8F5LmvcdvbdRzmqUtuyovgW3i_DfFpzU1GSGvDiVt52gCBDxhKQwEUkDtDd92BVx3JMTC1_AY1TdhpFRA8wBRHUP4z0HgOVIV47L_XHY0nTRQpQjTrHT7Rkfys7BNBpjTQB4tBagyRm7UXVTDsHAgm99do_0ZnqwKEvy4t5i7zSk41cHeFBo5lU6OrZ9KJf5-uuWxC8mxh9WfwxGOVjJDqeVzR8pIAN7Ket89WOF71XLM3kGy0i6vLEApdEwdqgxC0PatMrkWMs49HXww_1qibPAWJ7Qi-hEpWCKHJ9oDrF5tykpe8yyug_6s2Xo3qMa_KItVYmMQByxW-9VUg796Y8R6h9wO7j3BL8eW8Z9x6w1G8rvPM5OQDS5WJkQNlzAywhHxNn3hzdPM8AJmhyzQoYya6oPQY9FCNLm0OSn5eSvwIKU8JVimEw2n8JuZX6wT88DeFm3Cahqr21sX6eso7d8Yq49R2prXWTY-RraP8pRU2sCfksQ5cKgg8EqBS9LRCh6w1rZF4FFxJkOlpOIrHwVo9mLWIwQZjwrw4YWCVTxNpqjh0kTmC7nlja0oDCn1V_ZChNKjlECwiaiHBoz8utTnnNXxqMg2LsQbD7A1Uh2WW3z11Vff6pWboCisdaqG8A3hBjc22VJVhm72zqVB2GnlOv6AzEgTOOXkjFARdmfEOO8fA3FF7xwNsFOvprGy1CcorxBYTLk46pPu86TanFMUSI643UgT8D6eHrjCLjPtbEcf6RkphzjJonSsPt5GQwDHWRjcf3GJNN0vPpb139fKuU4xSflsE41Mh1nozdxO_uYKs3zaEd4JXJhJ1QS_FftOyJetBWwFrRhaw3ltMVRmbrLnxD2YkGiqGUTuPqfSmpZQh5-ck1kewJcdITHYKkvbvIOqYaKv6AYmoFp9qazIBbbMowVat90uFLSjInMGTiCn5EgLzOtmn4gM7dKYPMp0Dzx8F8uhqhn-KZxVz3EpXtRXZ2Jb_QLMDvLJC0d0IRF0i68RkYyP_OqPrDpIIW3jRgDZCZY-kundDRz6WacgymYIKbR_5sB3r4-D8WH8gTEmmPwTidok0n7kXootlJwHr9OnHgxRPsCIw20lLpVNkE3tGyynzwropgP5wR_zKBpPbzgr3amCXdEvWSrNZ2ie9lUEqFYZkSOQrTRoN9KL3bxnPE8lf_HODxemC3vvRN0Kti-lLp3oEUZBMPd9LkEgXXc8g4VrsTPs4dM5grEBcfE6pE8e4soG_SFkt0SQ0KDDjjVTbWdLufcU0lhoaFnh2p_68sHqMQ2KvMIzC8V62EoDQOTw4EbrZf4-D7YXed_fQKNhy8fmUi6-sO0wgK601hXDVmeKB2yW4XJqZqXIGOQ_s4LuzSSqENs5r1kf4wnPNWYc-XvnXMiMm_Srte5nRGp1Vs-thvbcLYv2G5h3A3kf2It1uwQI-fMBQ8Y-e9vEYhXX4WJaFt6I1pErg-CRrQ2RImHvwJDAZ7HotkNRQCr_dVUBdLQVdzPP3rC5DhOuca44FFX89bKgi_7_C9KQHl_x3oMsTAW4XAJf2DxL3PoWxaZ0BhGKuSqLDcX_NWN39XV_rjlJ_MZw5HNPkc4QUKyiJ6cu4zBIiPll637K2UWaOIcW5VKwjjeFQiVLXqdUh3rsiuQTpcyf6l4TiPvtZPQo4UySqr6HC5U2UIhTG2-3Wllu-OISnXNkkmee46j9DSrOoH2g&pr=8%3A6EDA796CF1219D8B&cid=CAQSMgDICaaNg7GZtPU7WDnppyYOOuSTj4_NAe_mUtpJTWShbdU9YZaGbsao5QlRTK9C-RdgGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=5259701006572973000&adk=3030647&idt=203&cac=0&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
922d3d7dd7772ab371fad867be8d540f3fc9472235a394f65289151cee4ab1b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40372
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E701 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Origin
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70067
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Dec 2023 19:32:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame E701 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAzeupuEErSOeih49AkAjypLDfwCOG12xRsiCGZhQ1iuipKQKPG5_JgWX37UoAyY-yRcEoEs9SehNn1DgOUNN4j4m5XOg_tEF_XcAvuRGLY27i7yMRtMsclDQerNNbNfXFmf-59Ut9mavisJhxQOes64ePieG27za6QiRyKuazpg6u94w&dbm_d=AKAmf-BRrlr9y-cFtSvRPvKAdvfcktnUJDcyGYv03GTDD993RW0bySwy-eI18cc4Z62nziu-0YnM41Z0iGXAHRpEhPKoMgWnnLq9h2A6HKkUE6Twme2Pexpom2OR3HZNRZATqG1P6tOBtjQtC68qsesqF4-WHXVfw5_5gHNfoGc9zJRzleQl5jJTOdQlPpZK4SEB5g3omkpLMybIffWDMcRZ1syPkXkfUYkoex8Jbu23n8BPaa0A5alral_IsZ_5rw0ZWWEwSBGwhLMjtoht8oG8G9TrbZx4iWMipJc2aLoR5xIzEWGGJeBytpJMJb2lVAtbbIHgDK40Ntw1RXvwv9-txCmGs9Fieslw8_-yJvSoO4-FQu-8ofQSrVSFqrfe3rnunLa-laOFNLy1JveaaGK2hRVqJBwlxMgbMi4IpJyU2bgHUt92zYe-4lZC-x5Kq3U6pAjWrjiI2hXunjtX_ZqaTeBWPZ7aNDpTCwE7ntDfT3K3v5BKput0R0Q5gmpBhiFd6c8kyN9oqvy36vR2jxPyGAz7hAtLiBjVmsxMzWF1gFjzh0PyWGi8bdK112zCjJsFLmgTJT0OvFDxn1qbgYLWtC33NaKc5ZK8Ur7uOA-WcA0TVyAqBDjGWTxNt8SmUDafUHZvP6DjnfkPqHoViHB4m3Bq5bOR3BluBYEqngzxRWqDwW2AY8YLqBc53fpjYoVrNP7yf2hjJoqssw52NFYwFGWnojMrhFOWGCnkS-B-OM0fC4f2ErVBp8H0Gj5FOCmsGtlisv7qsbGSANA0amljxNzouncOkMglp67IBQFQkq7kE1TgaKqPEhCHOucoacxlAjH4Nd-3uyzhurtmRd1QB9t_Y6pApbeipqBO1rM2aBwqiw-an-15P0yeDe47SB6u0utJScn4uOeeg4Irfc0gDSWer6iVHCodUARtzMbws44ffAOGrwZxUXOBTdpbxR9WktQZrpZc8lbR2Xnov2-Lrpmy3kmzMv7uX6Z-xrinHjIRaPULbxKw-s8r0Ojno93kXoUPdAljxR_EuM2Li1Ci3e_hq807lkeIJIvq2khnoZjcf5d75fb99N9QUiAZQbpneFk1-l9Bq3g-fTeWWYglOOD0P7lZYP-1qm3Kd5PMEPsPpTpLX9CQa8O4-uZzTnnRwSZaPS3c5Ltqdv_O1jr4wX_-ng7BN2FfdPvMq_9njFO_eRBmPqVDBAQwArMGaKUEMURV721r2MuYYbWxRI16dUx-bmXldSN5Zgjx9WulxWzOkxaFOzjQzNFDChbkrbgJr5LZbyk4_sDNJ8axS79HIobvwi0Wpbx8344Te9vPRJ1xbzQMGc-yrYd339EDBy13ZZXgUmJKNQlVbZxC3fT2IMCE_34R-plTzt0rb2ByJxZGEIXr_wAVGmWN-5wtJzgx9_Zd9z7dwj9RRHLRYYNicvxAKCDvPGQDmLbbpXoePN4LyGORI_ldae3X9pxcocQGU3HkiwputYRbqxwAraBL1pITdAqVekukjZFE2JMnLi4Vd6-EvIQ1tScH2FkMGuB5fmEXrl51aR2PbKOTS1WLxLKKl1AAnwccxDFYIgJb6dg2nFBsnws2wuTyKzp9vc8wJtrkJGoe74kPcb5aiYxSH0T3kkzbFlg9wgAR__biGNNaw9qu4v_xLR9VoeDGRx2f61sTlfl2Sh4xwmqh-7fDh_zr2h9U_vzzlxbDXlaTBEZZPglVap9lbjCAjHVvjjb2WJb7eA8tgoEdREEOIe6weYMe-Iws1MPwPSJUH8F5LmvcdvbdRzmqUtuyovgW3i_DfFpzU1GSGvDiVt52gCBDxhKQwEUkDtDd92BVx3JMTC1_AY1TdhpFRA8wBRHUP4z0HgOVIV47L_XHY0nTRQpQjTrHT7Rkfys7BNBpjTQB4tBagyRm7UXVTDsHAgm99do_0ZnqwKEvy4t5i7zSk41cHeFBo5lU6OrZ9KJf5-uuWxC8mxh9WfwxGOVjJDqeVzR8pIAN7Ket89WOF71XLM3kGy0i6vLEApdEwdqgxC0PatMrkWMs49HXww_1qibPAWJ7Qi-hEpWCKHJ9oDrF5tykpe8yyug_6s2Xo3qMa_KItVYmMQByxW-9VUg796Y8R6h9wO7j3BL8eW8Z9x6w1G8rvPM5OQDS5WJkQNlzAywhHxNn3hzdPM8AJmhyzQoYya6oPQY9FCNLm0OSn5eSvwIKU8JVimEw2n8JuZX6wT88DeFm3Cahqr21sX6eso7d8Yq49R2prXWTY-RraP8pRU2sCfksQ5cKgg8EqBS9LRCh6w1rZF4FFxJkOlpOIrHwVo9mLWIwQZjwrw4YWCVTxNpqjh0kTmC7nlja0oDCn1V_ZChNKjlECwiaiHBoz8utTnnNXxqMg2LsQbD7A1Uh2WW3z11Vff6pWboCisdaqG8A3hBjc22VJVhm72zqVB2GnlOv6AzEgTOOXkjFARdmfEOO8fA3FF7xwNsFOvprGy1CcorxBYTLk46pPu86TanFMUSI643UgT8D6eHrjCLjPtbEcf6RkphzjJonSsPt5GQwDHWRjcf3GJNN0vPpb139fKuU4xSflsE41Mh1nozdxO_uYKs3zaEd4JXJhJ1QS_FftOyJetBWwFrRhaw3ltMVRmbrLnxD2YkGiqGUTuPqfSmpZQh5-ck1kewJcdITHYKkvbvIOqYaKv6AYmoFp9qazIBbbMowVat90uFLSjInMGTiCn5EgLzOtmn4gM7dKYPMp0Dzx8F8uhqhn-KZxVz3EpXtRXZ2Jb_QLMDvLJC0d0IRF0i68RkYyP_OqPrDpIIW3jRgDZCZY-kundDRz6WacgymYIKbR_5sB3r4-D8WH8gTEmmPwTidok0n7kXootlJwHr9OnHgxRPsCIw20lLpVNkE3tGyynzwropgP5wR_zKBpPbzgr3amCXdEvWSrNZ2ie9lUEqFYZkSOQrTRoN9KL3bxnPE8lf_HODxemC3vvRN0Kti-lLp3oEUZBMPd9LkEgXXc8g4VrsTPs4dM5grEBcfE6pE8e4soG_SFkt0SQ0KDDjjVTbWdLufcU0lhoaFnh2p_68sHqMQ2KvMIzC8V62EoDQOTw4EbrZf4-D7YXed_fQKNhy8fmUi6-sO0wgK601hXDVmeKB2yW4XJqZqXIGOQ_s4LuzSSqENs5r1kf4wnPNWYc-XvnXMiMm_Srte5nRGp1Vs-thvbcLYv2G5h3A3kf2It1uwQI-fMBQ8Y-e9vEYhXX4WJaFt6I1pErg-CRrQ2RImHvwJDAZ7HotkNRQCr_dVUBdLQVdzPP3rC5DhOuca44FFX89bKgi_7_C9KQHl_x3oMsTAW4XAJf2DxL3PoWxaZ0BhGKuSqLDcX_NWN39XV_rjlJ_MZw5HNPkc4QUKyiJ6cu4zBIiPll637K2UWaOIcW5VKwjjeFQiVLXqdUh3rsiuQTpcyf6l4TiPvtZPQo4UySqr6HC5U2UIhTG2-3Wllu-OISnXNkkmee46j9DSrOoH2g&pr=8%3A6EDA796CF1219D8B&cid=CAQSMgDICaaNg7GZtPU7WDnppyYOOuSTj4_NAe_mUtpJTWShbdU9YZaGbsao5QlRTK9C-RdgGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=5259701006572973000&adk=3030647&idt=203&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
3581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 14:00:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame E701 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAzeupuEErSOeih49AkAjypLDfwCOG12xRsiCGZhQ1iuipKQKPG5_JgWX37UoAyY-yRcEoEs9SehNn1DgOUNN4j4m5XOg_tEF_XcAvuRGLY27i7yMRtMsclDQerNNbNfXFmf-59Ut9mavisJhxQOes64ePieG27za6QiRyKuazpg6u94w&dbm_d=AKAmf-BRrlr9y-cFtSvRPvKAdvfcktnUJDcyGYv03GTDD993RW0bySwy-eI18cc4Z62nziu-0YnM41Z0iGXAHRpEhPKoMgWnnLq9h2A6HKkUE6Twme2Pexpom2OR3HZNRZATqG1P6tOBtjQtC68qsesqF4-WHXVfw5_5gHNfoGc9zJRzleQl5jJTOdQlPpZK4SEB5g3omkpLMybIffWDMcRZ1syPkXkfUYkoex8Jbu23n8BPaa0A5alral_IsZ_5rw0ZWWEwSBGwhLMjtoht8oG8G9TrbZx4iWMipJc2aLoR5xIzEWGGJeBytpJMJb2lVAtbbIHgDK40Ntw1RXvwv9-txCmGs9Fieslw8_-yJvSoO4-FQu-8ofQSrVSFqrfe3rnunLa-laOFNLy1JveaaGK2hRVqJBwlxMgbMi4IpJyU2bgHUt92zYe-4lZC-x5Kq3U6pAjWrjiI2hXunjtX_ZqaTeBWPZ7aNDpTCwE7ntDfT3K3v5BKput0R0Q5gmpBhiFd6c8kyN9oqvy36vR2jxPyGAz7hAtLiBjVmsxMzWF1gFjzh0PyWGi8bdK112zCjJsFLmgTJT0OvFDxn1qbgYLWtC33NaKc5ZK8Ur7uOA-WcA0TVyAqBDjGWTxNt8SmUDafUHZvP6DjnfkPqHoViHB4m3Bq5bOR3BluBYEqngzxRWqDwW2AY8YLqBc53fpjYoVrNP7yf2hjJoqssw52NFYwFGWnojMrhFOWGCnkS-B-OM0fC4f2ErVBp8H0Gj5FOCmsGtlisv7qsbGSANA0amljxNzouncOkMglp67IBQFQkq7kE1TgaKqPEhCHOucoacxlAjH4Nd-3uyzhurtmRd1QB9t_Y6pApbeipqBO1rM2aBwqiw-an-15P0yeDe47SB6u0utJScn4uOeeg4Irfc0gDSWer6iVHCodUARtzMbws44ffAOGrwZxUXOBTdpbxR9WktQZrpZc8lbR2Xnov2-Lrpmy3kmzMv7uX6Z-xrinHjIRaPULbxKw-s8r0Ojno93kXoUPdAljxR_EuM2Li1Ci3e_hq807lkeIJIvq2khnoZjcf5d75fb99N9QUiAZQbpneFk1-l9Bq3g-fTeWWYglOOD0P7lZYP-1qm3Kd5PMEPsPpTpLX9CQa8O4-uZzTnnRwSZaPS3c5Ltqdv_O1jr4wX_-ng7BN2FfdPvMq_9njFO_eRBmPqVDBAQwArMGaKUEMURV721r2MuYYbWxRI16dUx-bmXldSN5Zgjx9WulxWzOkxaFOzjQzNFDChbkrbgJr5LZbyk4_sDNJ8axS79HIobvwi0Wpbx8344Te9vPRJ1xbzQMGc-yrYd339EDBy13ZZXgUmJKNQlVbZxC3fT2IMCE_34R-plTzt0rb2ByJxZGEIXr_wAVGmWN-5wtJzgx9_Zd9z7dwj9RRHLRYYNicvxAKCDvPGQDmLbbpXoePN4LyGORI_ldae3X9pxcocQGU3HkiwputYRbqxwAraBL1pITdAqVekukjZFE2JMnLi4Vd6-EvIQ1tScH2FkMGuB5fmEXrl51aR2PbKOTS1WLxLKKl1AAnwccxDFYIgJb6dg2nFBsnws2wuTyKzp9vc8wJtrkJGoe74kPcb5aiYxSH0T3kkzbFlg9wgAR__biGNNaw9qu4v_xLR9VoeDGRx2f61sTlfl2Sh4xwmqh-7fDh_zr2h9U_vzzlxbDXlaTBEZZPglVap9lbjCAjHVvjjb2WJb7eA8tgoEdREEOIe6weYMe-Iws1MPwPSJUH8F5LmvcdvbdRzmqUtuyovgW3i_DfFpzU1GSGvDiVt52gCBDxhKQwEUkDtDd92BVx3JMTC1_AY1TdhpFRA8wBRHUP4z0HgOVIV47L_XHY0nTRQpQjTrHT7Rkfys7BNBpjTQB4tBagyRm7UXVTDsHAgm99do_0ZnqwKEvy4t5i7zSk41cHeFBo5lU6OrZ9KJf5-uuWxC8mxh9WfwxGOVjJDqeVzR8pIAN7Ket89WOF71XLM3kGy0i6vLEApdEwdqgxC0PatMrkWMs49HXww_1qibPAWJ7Qi-hEpWCKHJ9oDrF5tykpe8yyug_6s2Xo3qMa_KItVYmMQByxW-9VUg796Y8R6h9wO7j3BL8eW8Z9x6w1G8rvPM5OQDS5WJkQNlzAywhHxNn3hzdPM8AJmhyzQoYya6oPQY9FCNLm0OSn5eSvwIKU8JVimEw2n8JuZX6wT88DeFm3Cahqr21sX6eso7d8Yq49R2prXWTY-RraP8pRU2sCfksQ5cKgg8EqBS9LRCh6w1rZF4FFxJkOlpOIrHwVo9mLWIwQZjwrw4YWCVTxNpqjh0kTmC7nlja0oDCn1V_ZChNKjlECwiaiHBoz8utTnnNXxqMg2LsQbD7A1Uh2WW3z11Vff6pWboCisdaqG8A3hBjc22VJVhm72zqVB2GnlOv6AzEgTOOXkjFARdmfEOO8fA3FF7xwNsFOvprGy1CcorxBYTLk46pPu86TanFMUSI643UgT8D6eHrjCLjPtbEcf6RkphzjJonSsPt5GQwDHWRjcf3GJNN0vPpb139fKuU4xSflsE41Mh1nozdxO_uYKs3zaEd4JXJhJ1QS_FftOyJetBWwFrRhaw3ltMVRmbrLnxD2YkGiqGUTuPqfSmpZQh5-ck1kewJcdITHYKkvbvIOqYaKv6AYmoFp9qazIBbbMowVat90uFLSjInMGTiCn5EgLzOtmn4gM7dKYPMp0Dzx8F8uhqhn-KZxVz3EpXtRXZ2Jb_QLMDvLJC0d0IRF0i68RkYyP_OqPrDpIIW3jRgDZCZY-kundDRz6WacgymYIKbR_5sB3r4-D8WH8gTEmmPwTidok0n7kXootlJwHr9OnHgxRPsCIw20lLpVNkE3tGyynzwropgP5wR_zKBpPbzgr3amCXdEvWSrNZ2ie9lUEqFYZkSOQrTRoN9KL3bxnPE8lf_HODxemC3vvRN0Kti-lLp3oEUZBMPd9LkEgXXc8g4VrsTPs4dM5grEBcfE6pE8e4soG_SFkt0SQ0KDDjjVTbWdLufcU0lhoaFnh2p_68sHqMQ2KvMIzC8V62EoDQOTw4EbrZf4-D7YXed_fQKNhy8fmUi6-sO0wgK601hXDVmeKB2yW4XJqZqXIGOQ_s4LuzSSqENs5r1kf4wnPNWYc-XvnXMiMm_Srte5nRGp1Vs-thvbcLYv2G5h3A3kf2It1uwQI-fMBQ8Y-e9vEYhXX4WJaFt6I1pErg-CRrQ2RImHvwJDAZ7HotkNRQCr_dVUBdLQVdzPP3rC5DhOuca44FFX89bKgi_7_C9KQHl_x3oMsTAW4XAJf2DxL3PoWxaZ0BhGKuSqLDcX_NWN39XV_rjlJ_MZw5HNPkc4QUKyiJ6cu4zBIiPll637K2UWaOIcW5VKwjjeFQiVLXqdUh3rsiuQTpcyf6l4TiPvtZPQo4UySqr6HC5U2UIhTG2-3Wllu-OISnXNkkmee46j9DSrOoH2g&pr=8%3A6EDA796CF1219D8B&cid=CAQSMgDICaaNg7GZtPU7WDnppyYOOuSTj4_NAe_mUtpJTWShbdU9YZaGbsao5QlRTK9C-RdgGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=5259701006572973000&adk=3030647&idt=203&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
71379
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:10:59 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E701 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
593730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
usync.html
eus.rubiconproject.com/ Frame F075 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 15:00:39 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0760 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
280154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 09:11:25 GMT
expires
Wed, 04 Dec 2024 09:11:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame F075 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b35795583c515533313898d0e14334b4434610737c7acb1ae0846476559a2114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Dec 2023 04:50:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49790
Connection
keep-alive
Content-Length
13232
Expires
Sat, 09 Dec 2023 04:50:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E701 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:39 GMT
index.html
s0.2mdn.net/sadbundle/12399363937564646419/ Frame 4B21 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12399363937564646419/index.html?e=69&leftOffset=0&topOffset=0&c=ZWTgJur5d9&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47e62e32edebec69ad2df63aae2c93ae75c9cf7c2634afe6b8b91f197890ae25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2431
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:39 GMT
expires
Sat, 07 Dec 2024 15:00:39 GMT
last-modified
Tue, 24 Oct 2023 09:27:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E701 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwosii--9lOVguqcJE_KmdhEmeMiUwrZA_nppwOQSmX6n-pczs0IKj0aWDiRgVk200c00ORjb32yvtsCaqgupBwB0g-w8tufJKBv0QcgY0SR_p5zBw7hDgVx_Jo8DIqwgZPqf51MhqB63gzcylgZX-KHQElkSW88f0xwEA6Cnwt4vAukvGWYNxg6ZuxQBl9gCTWaSJFSTV5df9Xnmje4tuSscqe_kj2lKQMOgfB5y0dwgs-NPkF6f4SCcFyxheu_Tkli92QVpnd-i7ynZpOHqGtxfW39KL5LR6d_XU6Mt7QDdD70zDMfXY5PIXufVtmEEXprNg8QiDaRVyRJhTOxlebVQCovAMjWZIhBP0aMWzQU2VKWhsadmxHzvvINehBxp5Q2mzUXZa7kQ97nMPgdmbAPkaqXiF1CoViujeADWrtJCVwU_4YNboTLobmBwRDB-EzyHNPpiht-Su4NbU8Za4PsdQh1eIZOweafg9K2nqB3jI98xzw45f3EQrIFPTiiLHEn0WSf5gYqpkrWk8Mt2hisM1q_gS_bxUdwTFAKiRoYVrRrKxPNWmZ_7srp9N6E9RUJT_ezuP1KKHTe-g6xVTwQn1qXV9BWwVvAPohi_2OvGdVA864X8gJGvBwOCH6FdoXE8RqM4Wqndn7LPvKRVP0g3Kr5Vc21KpviBdeqFuC2gcuCADCzk_vcpbcFourAxvbcL_B7FCTjZCSsBcyfE1irmfxu8kbIgv-exWt51j44YBGVxdZ5V41GeiHvbkDJzcee_tIHS91ag01REGDngMcivYchiulP6tWSsG2kpsOZ8qws3dovpZjrvtpogqa4cbrEZ2u9e_m4cwpIVSU9aKQ6hLTAkYnMLsQuTHTdT7GD_FMJNLalsOcHgwPkia_KPwqsLix23Zulcb4vB0v_bXk9iWJRkR9fkhCFnXMUQEeEnfRTXjh1lj0o-i-4L3LtGFAcM5Nk765o66Sz3N9ITyN-ee18dMQOa1yKkRdd4j34g6o9T8mMJzHbFqrkc-7iuvoC8CnUf12nLP2pu-cKRrxPyRwfs6fWdZGb4D2765jKNdwHoFfknhHe2a3L2sb_nsbZyygO5AbeEEkYA1UbtTk92aqQh4j4ZqRRUpWCn41Zb-NwFDD2hc7mYPmlsx9bswfwIB32KGXo3ekdgzrw5A0R51miTIZ6kY9ve8zxsd-KBkByYb-4nskTHlkVCCTIQOxXmZXb87nNXMjh_bzmlYMy1YFKc7RawM_TO1U0sUKWd9Vud3AbBM2TcAmBCJ7sH-OrnOzVM-r1Jw4rFjQqoM4EQywmo0cPcHl3jmDqS9yg&sai=AMfl-YRH0-3ZyMokRY19SoW15GU6Jm8LhlVkAHB80cXCNt5gvFsGY28Z7o-zq3HSVTWrir4TG0WpWvNvrT8tO4YBMY7_0YdK8BlkpXHvfaBIbivw_MNGAqDvHUmHhL4V4lc4PumhYpuJJ-XHfgzA17tInxxm-SdIS9DU85jCAeXHxs0dLszcu8e57vnFkqMEh9KqGcYrBW__I6zpOAdZLxculCkCJ8EZBKI9jG4FPnezi4SuMP33mlw8ZiyqGoELtkUyuZeRpO4HPP7-0hJVwABW&sig=Cg0ArKJSzIdyEziBOJj6EAE&uach_m=%5BUACH%5D&pr=8:6EDA796CF1219D8B&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=103&cbvp=1&cstd=97&cisv=r20231206.45812&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame F075 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0760 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 14:57:15 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4B21 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12399363937564646419/index.html?e=69&leftOffset=0&topOffset=0&c=ZWTgJur5d9&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12399363937564646419/index.html?e=69&leftOffset=0&topOffset=0&c=ZWTgJur5d9&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Dec 2023 15:00:39 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 4B21 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12399363937564646419/index.html?e=69&leftOffset=0&topOffset=0&c=ZWTgJur5d9&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12399363937564646419/index.html?e=69&leftOffset=0&topOffset=0&c=ZWTgJur5d9&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 12:23:29 GMT
polite.js
joyn.kr-adstudios.com/img/banner-js/ Frame 4B21 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://joyn.kr-adstudios.com/img/banner-js/polite.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12399363937564646419/index.html?e=69&leftOffset=0&topOffset=0&c=ZWTgJur5d9&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:9600:7:dde5:8880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f56cf558e4526ba5116061cca5bdffdb159449245b4d202251e29ad1b7ffbfde
Security Headers
Name Value
Content-Security-Policy default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 07:40:12 GMT
via
1.1 87e83cc6e8f384d40eab78133e901302.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
strict-transport-security
max-age=63072000; includeSubdomains;
age
26453
x-amz-cf-pop
AMS58-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
88197
x-xss-protection
1; mode=block
last-modified
Fri, 13 Oct 2023 12:00:00 GMT
server
AmazonS3
etag
"be0097968a4b98b9427d98c7c07f9716"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
x-amz-cf-id
Kop0f4A3j2n9cb-NfPpkpgGpeaUCSnz_IBo_sVJ7GjAOG2cOh0GRzg==
activeview
pagead2.googlesyndication.com/pcs/ Frame 6DC4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWevcs-T7JFUdz97xFHNMUwU1bWQaP0m1AiiRmLwmvaOrczujjEyIapWaYJoQLZdZ3AanYyO7HdKxFHS0gOIkPIBuSe5S-WY6fF7KFQL1nPSuPN0MRMU59KF8DCnh8GmS-vPNnycYH5CR9&sai=AMfl-YQMcKOW3Lhb2SM5yOiQ9SCciqbU2xPXfpb1FmlSgu-xEjkcCUMPu200JyLC12adYFmVl5tn0Sy_1g4pVXzr8M7UEIkk3JDB_W90t1mHaLjxScX91SWXTvGW7gfcm2kYfolemiHCKBI&sig=Cg0ArKJSzNnuoyKcX1QnEAE&cid=CAQSPADICaaNmKLut3g6PTuuLgk84Gnwx6PJwm3XI_IDoyod3biOlj8IHQ4nnvEk1XvSdmdT3yjbnw4JDwMZhxgB&id=lidar2&mcvt=1001&p=99,640,149,960&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3810924492&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702047637872&rpt=255&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0760 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BEGwtli9zZbvaMobmx_AP-qmN6AIAAAAAOAHgBAI&bg=!8fKl8r3NAAY3kmNgF5I7ADQBe5WfOAHX5iBdLCVVydxViJWR4etpxfu64Q16b4o9-Q-rkITwenX3yX31Ri0738IJAESsAgAAADJSAAAAAWgBB5kDi698r-HuE41gOVc5dNRQ9XCTAkLE3r-MeuHvScNNu7cQyBINBYhWiA6kQvocmn4hJIv5Q_A2ln_jYq704YZCzSffeU8lAfUDkb1fsHHL0yT1q9EGGCCfdbBGK5TloTRlcxFFhDCpbsuZjsl_cJIdhlF5iUGsQi07O5741GjtAh48eurARU5uVA2irmu92C9nc4pUubTlNM4R77AEw2L7AhWFXcDJxBb3G37uIMJeCl09-cXh2ChQLHlOjn5H8GAg_ZTKoaXytKRJEXlMHgb6LJq8qgpt4i34xZGu8bc1yPsRe4QWiJ1kRwf31m3K1zssCPth2jFpZFAFbCg8ZXFF0jr3nKt8rG4Ju8QlasV58SUMBihEgPoPq7CFDkQWpzH2Gm-komjD7GmKZMcy9jlXlZol11UWUMeWxfH_ceQWYXmoQ58iYQl9YZa3uOwpXW86gfZ3jmI0cRevcGnBWP4ORtxqtkMgr0yNSdzQZC89OvGaD9r6z1EXpb6rTp4CeCTtv26vc0hnBLts3nlY4vbZsIC-9GQnHlGUyn_X7OMyzMxyMzgFkQjjuzrAaTJHhmZCXSi9328eqNlrlcTCZEmkApdJz61Mh_nNdY3hWAEL_7FGvrxNulAMkSgDnZDopM7LWu-OlzDyT1gOBGyR-luVhs8XYdvggCLJ185okJJOEe1t3YyX5FR3zi2ID2jekSpVXbcqw9gzP21KDTpB7d_57cV6XXaHek4Jd1I0FCpjnTi_yKWlKCz0ulHtZR9ctJcnJSQm7C_JOuHHaNoQnsxc0YH8pG9nmoxK53ypW9kKYFeLNmDI1ObYrLmCWBtmfXHMEeEh7edUetQQEA77GmVocAeIMxf6ErMTfJUluJlmcBvF6BdgtGh4nxKTdZTd3KJWg9jhQQ4IaYwK_MuJk3q7aSEoMkcAiyOChQ36njDcyZ6Op4GcXnYtzqxc8T534-ze4zAvXpGDEu0ruSCpw31SwvcLP1lG71aX0rJowgZRXMeFagQI6eEboLChapiSETuVcgM3w2kXz1U5yW3cVQGYw2s01WPkCwRsPOhA_tomIm4tlxoD5aFUPTqo5M3enzdPidkPu7d8roDmwy10C23C66fEID9G7uwZdpJbDbGR2gWqj7D21WrXwrh6LD6jaaoUlFfastUjrhNTczYPkCY4sKM-o4IMuCae9srHuPNyIt1GDE0alhTa207mwGI
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2276 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:37 GMT
expires
Sat, 07 Dec 2024 15:00:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E701 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwosii--9lOVguqcJE_KmdhEmeMiUwrZA_nppwOQSmX6n-pczs0IKj0aWDiRgVk200c00ORjb32yvtsCaqgupBwB0g-w8tufJKBv0QcgY0SR_p5zBw7hDgVx_Jo8DIqwgZPqf51MhqB63gzcylgZX-KHQElkSW88f0xwEA6Cnwt4vAukvGWYNxg6ZuxQBl9gCTWaSJFSTV5df9Xnmje4tuSscqe_kj2lKQMOgfB5y0dwgs-NPkF6f4SCcFyxheu_Tkli92QVpnd-i7ynZpOHqGtxfW39KL5LR6d_XU6Mt7QDdD70zDMfXY5PIXufVtmEEXprNg8QiDaRVyRJhTOxlebVQCovAMjWZIhBP0aMWzQU2VKWhsadmxHzvvINehBxp5Q2mzUXZa7kQ97nMPgdmbAPkaqXiF1CoViujeADWrtJCVwU_4YNboTLobmBwRDB-EzyHNPpiht-Su4NbU8Za4PsdQh1eIZOweafg9K2nqB3jI98xzw45f3EQrIFPTiiLHEn0WSf5gYqpkrWk8Mt2hisM1q_gS_bxUdwTFAKiRoYVrRrKxPNWmZ_7srp9N6E9RUJT_ezuP1KKHTe-g6xVTwQn1qXV9BWwVvAPohi_2OvGdVA864X8gJGvBwOCH6FdoXE8RqM4Wqndn7LPvKRVP0g3Kr5Vc21KpviBdeqFuC2gcuCADCzk_vcpbcFourAxvbcL_B7FCTjZCSsBcyfE1irmfxu8kbIgv-exWt51j44YBGVxdZ5V41GeiHvbkDJzcee_tIHS91ag01REGDngMcivYchiulP6tWSsG2kpsOZ8qws3dovpZjrvtpogqa4cbrEZ2u9e_m4cwpIVSU9aKQ6hLTAkYnMLsQuTHTdT7GD_FMJNLalsOcHgwPkia_KPwqsLix23Zulcb4vB0v_bXk9iWJRkR9fkhCFnXMUQEeEnfRTXjh1lj0o-i-4L3LtGFAcM5Nk765o66Sz3N9ITyN-ee18dMQOa1yKkRdd4j34g6o9T8mMJzHbFqrkc-7iuvoC8CnUf12nLP2pu-cKRrxPyRwfs6fWdZGb4D2765jKNdwHoFfknhHe2a3L2sb_nsbZyygO5AbeEEkYA1UbtTk92aqQh4j4ZqRRUpWCn41Zb-NwFDD2hc7mYPmlsx9bswfwIB32KGXo3ekdgzrw5A0R51miTIZ6kY9ve8zxsd-KBkByYb-4nskTHlkVCCTIQOxXmZXb87nNXMjh_bzmlYMy1YFKc7RawM_TO1U0sUKWd9Vud3AbBM2TcAmBCJ7sH-OrnOzVM-r1Jw4rFjQqoM4EQywmo0cPcHl3jmDqS9yg&sai=AMfl-YRH0-3ZyMokRY19SoW15GU6Jm8LhlVkAHB80cXCNt5gvFsGY28Z7o-zq3HSVTWrir4TG0WpWvNvrT8tO4YBMY7_0YdK8BlkpXHvfaBIbivw_MNGAqDvHUmHhL4V4lc4PumhYpuJJ-XHfgzA17tInxxm-SdIS9DU85jCAeXHxs0dLszcu8e57vnFkqMEh9KqGcYrBW__I6zpOAdZLxculCkCJ8EZBKI9jG4FPnezi4SuMP33mlw8ZiyqGoELtkUyuZeRpO4HPP7-0hJVwABW&sig=Cg0ArKJSzIdyEziBOJj6EAE&uach_m=%5BUACH%5D&pr=8:6EDA796CF1219D8B&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=304&vt=11&dtpt=201&dett=3&cstd=97&cisv=r20231206.45812&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 31A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4sMq2QJ9A8ZoYTDa6bsgiYemScOT5cc6nqEVAvsgAeJdO9Umyyx3b_Guee5AfDQo5ZNuK4qxClhMCwt53Fcdye6awNyAURhr3n0q9VLsY81gZxt_FJqY7HPijZfSYyccAKxvf_yAX0QIhgLSNsrxNU9jTgsAiVFF7i-R8b0uwB8eaHwgKwSiUb1TOmUy6bcou5JYm1Ar9VCj557gKq-fuQ0zxKPmHOQj751MY1efEequUKLYhD-iWxKwD_9uS5HOf_KXouvbl4k3V5-0wHxqU056SMUVdEJSkT3uBKfeV3oBIGtBC9q0hnlv0CGc0UUdX_CGYNuuIDIOf7lt_jtgilVsmAvNpbNEdKHUuQAq32bbT64oDN-iz93PMHEbodZqSoy7KPP9t63TzocMYHw&sai=AMfl-YRU81FuUvoviTOLLpkdEIUN-0baY00QXOB9Vg_XcszUmAGVk4kOA1vTPpX5_2fRCzS41rMnr5iw8Ji8o0-MYHA0w2sT899tsnO6kE2ywcBBybRQ18RIPdvYTwIQkanSMX_sq3isS-Yg9w&sig=Cg0ArKJSzOrtSp40BXuDEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 15:00:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4B21 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29cdbdf522c538e3de84c0bcb316a4ebd32eca77082d1582506537a338cb799a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5924
x-xss-protection
0
logo-joyn.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 4B21 		864 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/logo-joyn.svg
Requested by
Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Mon, 04 May 2020 20:14:51 GMT
Server
AmazonS3
x-amz-request-id
PBB75HYY2N9DTGVA
ETag
"4cfbd49bbe5134d80e544db8176b5503"
Access-Control-Max-Age
0
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
864
x-amz-id-2
7+ewMuFQWlx6taKt+d514jHb6pOa+Go0IabqyDQJCnNktOHqtkyYjKDEOlirMEnQ8GOTaL+y5KhWJRRjdq0VAQ==
baseanimation_su.js
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/ Frame 4B21 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Requested by
Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7017dd89c36e7c0b58a09fd549d82ab2cb94222822c3fea417b5f9b8a87390e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Fri, 13 Oct 2023 12:02:33 GMT
Server
AmazonS3
x-amz-request-id
PBB7D8NYCJ3627JH
ETag
"a4381331c24e7a56145aabbdbaa4402e"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
31370
x-amz-id-2
y5eEX57tKWAjWGr56UKpsavmlWereA9n6KnNQm1VqSXtRBKYlYU4+oR8orgcr5/+FhupVxF7BAiPh3vs3N8APA==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyp5xwz7/728x90/ Frame 4B21 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyp5xwz7/728x90/teaser3_@1.5x.jpg?v=202312816039200
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9bb81ff9677b3198471a835c4b4bcdbac8bf83690aed07305944baf02f240f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Wed, 16 Dec 2020 17:37:12 GMT
Server
AmazonS3
x-amz-request-id
PBB34H0SHKMRVR0N
ETag
"0d2d67b61805fccf0215898aaf792881"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
6512
x-amz-id-2
zpG7D9FqrvvnDOiadaSblMIFiDll+VZMpLf2tsB7ZCdk/JhBG2NkRkCK7im7RHDTQ5w7q71XAFhOgDCgVnGwqg==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyoor9au/728x90/ Frame 4B21 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyoor9au/728x90/teaser3_@1.5x.jpg?v=202312816039200
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c02562a57e9268300e4d34ed8a8a37c6215f08ebfd3c24afc8a31bf33293a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Mon, 13 Feb 2023 16:29:34 GMT
Server
AmazonS3
x-amz-request-id
PBB2E7E3TP08XJMC
ETag
"7056b091b9f5aa3a3f31e21bd47544a6"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
14375
x-amz-id-2
nO7zpGl5OC0OyNWW8qgBuxylFH0OfD6yJo7axBzS+a1RAvOFrq7vzPR8SI7UGRYqResXdFSThARnJxsJtcj+Vw==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p1bp931e2rp/728x90/ Frame 4B21 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p1bp931e2rp/728x90/teaser3_@1.5x.jpg?v=202312816039200
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
faa576f54633087872ee4c26a4ad87b2f864f5285b2cb21cb0ed3132fed1c557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Mon, 13 Feb 2023 16:41:00 GMT
Server
AmazonS3
x-amz-request-id
PBB95FYK3ZCS402T
ETag
"ffd20f46a6c01f6bfef1c8ced1180ae3"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
16260
x-amz-id-2
/JGF+XUSDBdQK+y5njaD4U1ZXMmhgiT8HkbmJOMwRNd4YLiNsWzZv7oFtiqla6/T26Minl1yLS5o7zXmB/f42w==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyp5xwz7/ Frame 4B21 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyp5xwz7/logo.png
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d49809a3e7379f46dd69f308337cd8c570c31e539c33e3183ace04b7935f802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Thu, 30 Jun 2022 09:22:42 GMT
Server
AmazonS3
x-amz-request-id
PBBATZ2CG55C9TWH
ETag
"b65585e8a39ffa47975c42b9cddaf2e9"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11723
x-amz-id-2
rVGRPiE0ITdjgwTUPv4urnZwqvkVFheYbPx1Iya/hb943M7qys3lItgwjbtiC0sXmVEQT5xryjsK5UmgJ4G1aQ==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyoor9au/ Frame 4B21 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyoor9au/logo.png
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
56fedd576ff4a20677e36cf4a3464674224723d71f39af53d846a9a261446e70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Tue, 04 Jul 2023 13:25:20 GMT
Server
AmazonS3
x-amz-request-id
PBB6RFRYFAG779X1
ETag
"29df3ed88ee60bf8440fd4367a874fec"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4464
x-amz-id-2
OM9SReGqQqVrou+IXglhQnw4HWzITUW4vv+WMH3Xvws6l++yg51xR0+eo/OeGWD7MfKvqnvfTLescJnEzVyyhQ==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p1bp931e2rp/ Frame 4B21 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p1bp931e2rp/logo.png
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7b006c26b599c26431ec98f5891b32af7dd70a9a19397e5147a9ca534d2132db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Tue, 04 Jul 2023 14:07:39 GMT
Server
AmazonS3
x-amz-request-id
PBB38VT1YBQYT14X
ETag
"fffdd48e920b60c5e7c051438fbbf195"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5804
x-amz-id-2
uaa96i6mSvHXWswPLXDlhrQnAImlX+A8n6GK5BS51FgC4RtcOD6IdANIBk250+3zvXkXd+ARqQbUfIRLu+K+rQ==
sat1-gold-medLib.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 4B21 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/sat1-gold-medLib.svg
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
088a736ef08892e4bd88c860153761272be22358fa2e3f82f92a9e6ffacdbb82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Wed, 16 Dec 2020 09:18:30 GMT
Server
AmazonS3
x-amz-request-id
PBB0PPBCXF090VMF
ETag
"b01e1fb8641e38c14d25a48df24813c3"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1145
x-amz-id-2
1qlG4E4XJfD+AjwHYwYd/gIORJb8YSPEBzH440jh2nT5WdhN1LqYAcAwUbHI6jKMw8RcizMNCgQ9dYVEf8si/A==
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2276 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:25:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
318925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Dec 2024 22:25:14 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 2276 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3520
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPpQADMGjR5btHtfvv3KuWxS8xQSopjJPESu76WYQ%2F9y4Rmz3cbTTI30j9gXgcCWLO2gCvLO%2FGZwcfHVBAfQQaLtRpyNIx2GCfuYsqqwHZQ8NoR7EoDw16JQKEpbGFtnJCaVh2b60dHX7ML1CbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8325e1118e2f1c19-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2276 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2276 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudm7ffq_P3KnO7C7scqdHT9CBocD6f2y0YHv3cDiL97H5fWeSwnz-4JPMVOM--4zvGySDxih4SsZy1qhpo4hy4iJ1UNGrCCXotB58M1JTJFKtAZc0StYrctii26eYvziFl3Sq5jo7nUfpWEIlXkUAUs8Oc-w6Bp1jmbqfaMZAjYA-fyKEEumY-NMUNcO7hQLso3XdUT_QUHE_1mHiKGcozvSUpmQMSLEugTjdTRH7JjJVTutRjZt78xIy2JbZRZPOhf_TVRhFdQavNgAWEXNNUkfnpXP03GEIp83upbLVbslNBxmGimBzYiEQPwmufwJbx97dfOoXBl0e3Rn3LVLilTuyDIMl0cQ4sRw81Ot1XNsS4QeR6sdlbHswry7kKxpn9yf5wihA9nZZXGAy7Fuo&sai=AMfl-YQtnOJbF0SGC1kuP0TnggcHiSf3GirbaEktjXxXHApg8PN1zxsGDVwfPGXlBOKklFr5NQOHN0CVqKeUyxAaikIAed0hNDr6norP3zDlfUKkoE5SBR7EOQNg-nu5BIDgHruwow1bMdj7&sig=Cg0ArKJSzIi4YCsPo1e5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E499 		281 B
124 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhi8pLJvMAE&v=APEucNW9PCBZMUTvddgR4Sb6SBWsRtEIYXuBgg7-YQ-X4naK00dAKDA3AyiPMgBnlf5PqtIP6p4CDjuVljU42uC4sILzs-GuRYDpGDugUtx4g4om_vaBJQc
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 424E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 424E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpMDPnvKueupRzegQU3a4l_2C7epyVzvKNxdcXbIZu9qeV4sTDFh_mT2szHj6xazxOLfI3zfLSKp9k4FSA1X2sskezjIJdM4RnrxNhDZOY5_jL8dI
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13df2871-60cc-4401-b93a-dea0c5af6203
beacon-ams3.rubiconproject.com/beacon/d/ Frame 424E 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/13df2871-60cc-4401-b93a-dea0c5af6203?oo=0&accountId=25230&siteId=477094&zoneId=2872706&sizeId=9&e=6A1E40E384DA563BF76AC9C6446F54A310BAFE0A4E74280A75A8976474DA85B111CF860D63D2BE851CC94E5509BE018E5ABF4BC26238BE184C65F1215C9A8390058B5F43B7326BE470BBB3687CA0197E0E493E48E3522B640A90B3FA1D69AF5A5FF076962D249C94D642AFE9987AB55A74BF4DFFA74F2F04FBA9AECADB7E918D4E6FC96756E5E5713E0254ECB779732DE7A684F189093401B76A24C7DC1F636BA92428B15313409E3FF0EC436224266551DAB9DC3F498630CDA10306204D320B
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:38 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4B21 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 15:00:39 GMT
generic
match.adsrvr.org/track/cmf/ Frame E499
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEBO9UtkU74Sj4Er9iL7laRg&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEBO9UtkU74Sj4Er9iL7laRg&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=8454f4ab16f81f8613ffb6bcc59494f6&uid=8454f4ab16f81f8613ffb6bcc5949...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhi8pLJvMAE&v=APEucNW9PCBZMUTvddgR4Sb6SBWsRtEIYXuBgg7-YQ-X4naK00dAKDA3AyiPMgBnlf5PqtIP6p4CDjuVljU42uC4sILzs-GuRYDpGDugUtx4g4om_vaBJQc
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 15:00:39 GMT
Last-Modified
Fri, 08 Dec 2023 15:00:39 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E499 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhi8pLJvMAE&v=APEucNW9PCBZMUTvddgR4Sb6SBWsRtEIYXuBgg7-YQ-X4naK00dAKDA3AyiPMgBnlf5PqtIP6p4CDjuVljU42uC4sILzs-GuRYDpGDugUtx4g4om_vaBJQc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2276 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adb7ce488750e49ae1913e28b9db87927cc155c393b42f0434826811905c4fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 59D5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 14:57:15 GMT
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyp5xwz7/728x90/ Frame 4B21 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyp5xwz7/728x90/teaser3_@1.5x.jpg?v=202312816039200
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9bb81ff9677b3198471a835c4b4bcdbac8bf83690aed07305944baf02f240f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Wed, 16 Dec 2020 17:37:12 GMT
Server
AmazonS3
x-amz-request-id
PBB0ZPXT5QSSRK3W
ETag
"0d2d67b61805fccf0215898aaf792881"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
6512
x-amz-id-2
+Ds0sDXiDXfIPy0eqzEkwt9Tx1PpsaVwCR5Cfkf0EPorO9adnue77T3zQDbHjjgFaB+v8AX3ZS8fX4c+HHj70g==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyoor9au/728x90/ Frame 4B21 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyoor9au/728x90/teaser3_@1.5x.jpg?v=202312816039200
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c02562a57e9268300e4d34ed8a8a37c6215f08ebfd3c24afc8a31bf33293a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Mon, 13 Feb 2023 16:29:34 GMT
Server
AmazonS3
x-amz-request-id
PBBCP1ZKNMWPRHKY
ETag
"7056b091b9f5aa3a3f31e21bd47544a6"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
14375
x-amz-id-2
7VXItnUD//dqD7IqQHYPoxGTMyrmO07Hz0jANzdJ69QwQT6iZuDQAP81EFJm011PiRq40FnKRDUAIN17Mz0/mA==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p1bp931e2rp/728x90/ Frame 4B21 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p1bp931e2rp/728x90/teaser3_@1.5x.jpg?v=202312816039200
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
faa576f54633087872ee4c26a4ad87b2f864f5285b2cb21cb0ed3132fed1c557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Mon, 13 Feb 2023 16:41:00 GMT
Server
AmazonS3
x-amz-request-id
PBB20R9DZCHE72WP
ETag
"ffd20f46a6c01f6bfef1c8ced1180ae3"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
16260
x-amz-id-2
eQjz6FfW4rEEfwJk6784be+IoQJQCG8dXYi0WYM0vbVPhGA3pypeCz2gGFbVd5wD1Nr3d7NfJzmIkDVo24zacQ==
truncated
/ Frame 4B21 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44718d713af08035d3f9d246d249df63ed5d433a1d8571429241de984c0c4dd7

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ Frame 4B21 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77f331acc0b5e3b63fcd3f31e9d334628691e1314b6fb0154b4ca5535828030a

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 424E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1583465704816&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 424E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1583465704816&version=m202309260101&ct=76&x=8&cor=13541817837438583000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 424E 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKSRi3YrVm9W2uwHig7CRfliRY4PDJ0cteNa1Z-1VbVNSy9Nkzq3FW-O0F584mZEITJyOAufNyhaauys_7oMrRrt2GRbf1Vkg0n5aR1fMBPlzRChfol6NaYtIpc0Gyz5ILOrUw6ud0xZaH0RObvPmV8IrZogo2HWwXBSSj5VpBpQb8_iw&dbm_d=AKAmf-CAmLDqXj40pBOWMTmrMNaazA8-PeMvJHS341wldaiEmSapc5NH-mC3FDTXAB5DE29ze9j0HWebOINgL04uogGHgKzsSROe58DbZGSCG3bRyDhKm9AKCa5xM0LQSGvXfzCwfmsMpjp9bB3dp6euMRlCHjYMc9cb-r7brmNScdp76lnRC-2xXDjiAHJaDr_cISKKOTlqzn59Ek51_xAbKwBp-8bD-_ziJIols0zwDgYVQ2ddpBdETrxQzBkywXVIXoGpoWHJ4h2Ltdh0DB2lt4O6EIzjsqkotuz6X2dC0lFgOfsz2EXn3HbLlfp-YzCMLaG-OArJDeWLkfrRCgpeNihZcm2-UftPOIcwLO0GYsdVOar7vdIDcfH7kLMNt0_ocjYLp-riPsswGDM8kh0bTO3xMG8wvbJUf_KA-ql3MtJrMtAl5J6-mJYusqpIygMrivtCz6ZBrqWBaGtfRRRge7qKLbY-5uqayoxUCgsRL8Vdz1Lp5NuLuvSnrHRF7x8hOAlAYIJdhcU6h79cBdsYqJTxEbPf0RjC-Ia8KV0q-2QkgOjSCtm85_uc7eBODCDAkFQk8adU1o_Ec2RgYOvxK6GueE1jmmdqHUUADKG1wiJ4R4F3jCFJlSk8skeM5YWTwAy482S5jw0TuXjYKSHbLKX_GXFjvy-IpQvLvmaDATh_6PgE0LaLC32Tq2WUs2H76noOqgWX1wZkEq8dNpebwk0azdkIrSFseCEDm_pIaX0LOjH6nyZpX3iZ7q6KoU0ENxc2SczrpnhF31kwTHVpZLuediWUiHWMOUcTeoKt90WJq7dScgudjxeXsSHQ6I4X61X59fF4tpNTQPZrCyoReUUzRJ2gRs3NB6hssVlHgss6PP4e5dmEyRUYe2jfG8pOyK7fRwjcFi2oJI2Z5MzR6JR6bWgx5Oli0Ctqvmm41P2zUDy87eysBnBDwqW65udy17UavaVUh0Xes4asGHRAslpnkP718ZgrgUMWY53ZbHYzYSdWkIa_8KdEwFB8bPEWkHGHi2ftqArqIFZO9rroNc6DxbgDvTEgFanIiB0LMA2GE09QRyZ2iovhQ5e7GlGny305Bb3-nLjOAq0OzDq7if8vTPwXsT1JrzOJWhQOGfMVYg88RLcpvQ-5a8R4nbKKjMmoXwUkJHmgZZpkvhZbZREe_D1M2NmtKMlKcCzx7iQRcf2Tj000TQfFjiQ7ABGiwuOlMfEUMPEhbkLuFGFkaMN8royMJB-ImsNC2I6PZOuykNT9gRi7qEAGAPcBsOoenkO2EE9R4KMMps9mclUk7Q3zy9OVg9Ldso-L0KLU4gZ9plk2V679J5SJZ2puohUvlG3hERdzmnBVDhoHrjkRVrb3jvPguuMv85lE88cpdDShrwHKKy_Hcbwlqgz1VHoxNxwfe0R-BMo3xXBGs2Prmiz-PjVBdSsIe1a_fykaRG3DnY5drQi_f_xvHCBVNe-orm0vI6nZxjfyR4egnk06w6xZRMmGfOvVi7dhNDLMcIprQEc055p-udeX9SxwN0CGypbwb0IHCC_AtaLtze8YuIJvJiIMQTQOCja5qCPNvwvq6I1IT1YE4i5_uP673dcHj_syHWQ3I1sHGf_xIVftrPzlXtvrlTljcJpm6dtIg5_hvlnCCLhpzUhybnydJxro7dE9kxcsWKdkQUYo65z9BijW2STgyuf6uZ1K_d52jK--lz4QMlB1rK64PfjhHfimePFH2engStgFxly3gu2U_IzMhJMX14-yVrYsLZzj1AwwNgSIHd8W812Oo-iYdilWxBP-7kPGKQZ6aT3Qey6Ghxixy7Sw1-wFfp2P0S5KGfz5MYgOrzEGoBRX0euQRtXSqEhB8VmAdCAw3QuAr7vduyo8vOnT48seBT_n3Ju3qkPMnd2EhfLyMfOCL7ZeGHMya5RR8T8J6J7sdkOSakQG98C2uAWl-_L9hngIGX4JgCNtDb8kadEp3C4xrQd-XAmP4h6SY68ycq49GGqY0O25lEEaUqj3BelbX0qyaRG4TSWNZhQmQuzkGYtdu3bXN1RSJJMJlmUOx2s4-zrFxt9oBjfc3jbpicznB8Glryxajpbnfkl25cMrDTCdluCN4r8tbit6hGJIjG3XCQIyGdkyBljdZ4rZqbLtyrpuOoS5Qa1LVY5UQulEDJ0WqdnU0E-KnL_Ho75mGllxRVnvL7IzFXOxzOciVI08-2mfPAwMoubjlkaeDXIxEVYQub1ni9JHtZ6IF96rREH55Brc6C1nIKEcwVOVTAo_yS21YHO3gfr5UrsYeHXHIvijNvRCD2fvYlLIeIzvpIfbu7dxTL4PcBw-9fvHp1NAshsV5PVOS9on-ONEZwykCXZJVs81hnqXZEnFbNPeSWk9UAn2eUF5PevmbLgY9vaYiPpBl1VYf7Zmk1CfB-NaSXCKoz5GB4GPs55mxk3WKOCpLtiPjRjllHnF--GpC3rVAirpFnC2L3g8ByslD_IOuMpWjlu8Zt_3E_ZT4UR-hDVsaNPivRKTRAGQDDfNHgXqRYQXeLXgwegazK9n8hUD6KbRTRBtScS6djkW7AHzbY7kggn_kS9wh_spNX0J1aRfcukKt5bXjlOjC3mCHv0flfswc5lj8CsYCkqOx1BDPZHpPniXqQjhNFU16TyVor1sqnoqLSDKHYcT7xFYZLYFMCambQ187rS3dldGJ3bxCrE43Bnx9Br3cSKbSbajyxZ4C-YCMghNH_sO11x0oi_eFl6yez1F9f2-rlhx0_b5QD9mwHDl-lp5b1GBxhNJDzr5j0_EWSM-axu3787mkBxXF0nexQ8ir4_hdw1ZnRmjskLsr7BCRuwLgV-xtsfnBsv4WK-OHh5naYM-Jfl-rvCuw7VlsbFNfRAJqhe2b83nJ7KEHLbKW1ddKW_Ne_I2I9AutxQH-aa0TnNM1OOJZw4NDcL7ItbyaaxYPob-qdenxh4Wn6dVSQuXqxOFD_wv08U8rhv9nHJpju0vW_vLJQmuhGUxQEYSspouRf4yWj4JYr-xocpEWHjDn45imndyI6bNQaKiTTZEIFWGjdbCdrGmKtsrtZmMEP3Z-NfJVyyptbEpGm4UIYjJdrEvXIWOsUCdV7gDx6kQSL2n9gFl3e-OllQmmsBefzY3ln3WAgUWwg0K_Uj4-n6iJW1jkUqJE2XjzQTnC0ncKc2OHbBRkz8g3WG0TTS9M1TtBmTMsS5eEMw967I6lJrlB7lQSK8ZeqAGtoj0Df8Ej-yXn1btH5fvSHoxKduV29Dj2SI0kRDHXIhvUUAhbVtjzbEAlquxa5wHbU9YEb2KehmCrm8hsGX6_y22nd9DKEYuJ2Vd21U7QPEb8OzLdvODjLPGjSRYEO4Ed1M8Ljg1pVm5GuznbhKhNxHDqN2UmGt8-ZECE_ce6llhuvdkoxIhsvx0JqeIqBw9c1MO6rnzL6PxxtbmgrIr7E4VlniYonMRvxk5z2WEWuAB7azmDmLV23qTEXwf1Cwr2s1GteRbfYG-izszkU0&pr=8%3AE1DDD3F954D276F4&cid=CAQSMgDICaaNA8b58p423k4yzHG5Died2eT8chatLfWI7pZyiNvZCZgTakLuI9-Z9Pzqyv9QGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=13541817837438583000&adk=250276039&idt=149&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c96b29253ad99be379f0fb6810b701fdff2071411f2b2dc0237314490aa428f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyp5xwz7/ Frame 4B21 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyp5xwz7/logo.png
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d49809a3e7379f46dd69f308337cd8c570c31e539c33e3183ace04b7935f802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Thu, 30 Jun 2022 09:22:42 GMT
Server
AmazonS3
x-amz-request-id
PBBAMMRFJBXAFMNB
ETag
"b65585e8a39ffa47975c42b9cddaf2e9"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11723
x-amz-id-2
ru2rUlxJwR8UrXy0Km/AZlRYG88nErJM2NPvTft1xdoyxwJ3bd+apfzXrfs2GiJ5wQNz2DuohGWsumjsMZFUow==
sat1-gold-medLib.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 4B21 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/sat1-gold-medLib.svg
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
088a736ef08892e4bd88c860153761272be22358fa2e3f82f92a9e6ffacdbb82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Wed, 16 Dec 2020 09:18:30 GMT
Server
AmazonS3
x-amz-request-id
PBBB8H7AFBMTYSKK
ETag
"b01e1fb8641e38c14d25a48df24813c3"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1145
x-amz-id-2
O5e4bqht+fX0mCyL/lLfTURLlqlySTghookzw0Uhz3cYx43QOem+IuC63LueYq2M1XeHwhp5u4sVyhQfulkeqA==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyoor9au/ Frame 4B21 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plavyoor9au/logo.png
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
56fedd576ff4a20677e36cf4a3464674224723d71f39af53d846a9a261446e70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Tue, 04 Jul 2023 13:25:20 GMT
Server
AmazonS3
x-amz-request-id
PBB6JT8S228MWP9N
ETag
"29df3ed88ee60bf8440fd4367a874fec"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4464
x-amz-id-2
jfsK4J7Iq5yCCEU4A1z16PBJHeKvcv1UlziiTLjH8oy3kOIOBgc0x63GV4mriRqjYqrPJWVNcZak6QZB48y/pw==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p1bp931e2rp/ Frame 4B21 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p1bp931e2rp/logo.png
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7b006c26b599c26431ec98f5891b32af7dd70a9a19397e5147a9ca534d2132db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Tue, 04 Jul 2023 14:07:39 GMT
Server
AmazonS3
x-amz-request-id
PBB3D4XHP4NQ3S5R
ETag
"fffdd48e920b60c5e7c051438fbbf195"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5804
x-amz-id-2
2732/RSOAdKNoeYxMM2ZT7QQRunB8yTfFQLiTBWXP/AfWYclsofXna2U4jKy4GXMjfNYnYxirkJqcKzX6qIIUA==
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 424E 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Origin
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Dec 2023 19:32:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 424E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKSRi3YrVm9W2uwHig7CRfliRY4PDJ0cteNa1Z-1VbVNSy9Nkzq3FW-O0F584mZEITJyOAufNyhaauys_7oMrRrt2GRbf1Vkg0n5aR1fMBPlzRChfol6NaYtIpc0Gyz5ILOrUw6ud0xZaH0RObvPmV8IrZogo2HWwXBSSj5VpBpQb8_iw&dbm_d=AKAmf-CAmLDqXj40pBOWMTmrMNaazA8-PeMvJHS341wldaiEmSapc5NH-mC3FDTXAB5DE29ze9j0HWebOINgL04uogGHgKzsSROe58DbZGSCG3bRyDhKm9AKCa5xM0LQSGvXfzCwfmsMpjp9bB3dp6euMRlCHjYMc9cb-r7brmNScdp76lnRC-2xXDjiAHJaDr_cISKKOTlqzn59Ek51_xAbKwBp-8bD-_ziJIols0zwDgYVQ2ddpBdETrxQzBkywXVIXoGpoWHJ4h2Ltdh0DB2lt4O6EIzjsqkotuz6X2dC0lFgOfsz2EXn3HbLlfp-YzCMLaG-OArJDeWLkfrRCgpeNihZcm2-UftPOIcwLO0GYsdVOar7vdIDcfH7kLMNt0_ocjYLp-riPsswGDM8kh0bTO3xMG8wvbJUf_KA-ql3MtJrMtAl5J6-mJYusqpIygMrivtCz6ZBrqWBaGtfRRRge7qKLbY-5uqayoxUCgsRL8Vdz1Lp5NuLuvSnrHRF7x8hOAlAYIJdhcU6h79cBdsYqJTxEbPf0RjC-Ia8KV0q-2QkgOjSCtm85_uc7eBODCDAkFQk8adU1o_Ec2RgYOvxK6GueE1jmmdqHUUADKG1wiJ4R4F3jCFJlSk8skeM5YWTwAy482S5jw0TuXjYKSHbLKX_GXFjvy-IpQvLvmaDATh_6PgE0LaLC32Tq2WUs2H76noOqgWX1wZkEq8dNpebwk0azdkIrSFseCEDm_pIaX0LOjH6nyZpX3iZ7q6KoU0ENxc2SczrpnhF31kwTHVpZLuediWUiHWMOUcTeoKt90WJq7dScgudjxeXsSHQ6I4X61X59fF4tpNTQPZrCyoReUUzRJ2gRs3NB6hssVlHgss6PP4e5dmEyRUYe2jfG8pOyK7fRwjcFi2oJI2Z5MzR6JR6bWgx5Oli0Ctqvmm41P2zUDy87eysBnBDwqW65udy17UavaVUh0Xes4asGHRAslpnkP718ZgrgUMWY53ZbHYzYSdWkIa_8KdEwFB8bPEWkHGHi2ftqArqIFZO9rroNc6DxbgDvTEgFanIiB0LMA2GE09QRyZ2iovhQ5e7GlGny305Bb3-nLjOAq0OzDq7if8vTPwXsT1JrzOJWhQOGfMVYg88RLcpvQ-5a8R4nbKKjMmoXwUkJHmgZZpkvhZbZREe_D1M2NmtKMlKcCzx7iQRcf2Tj000TQfFjiQ7ABGiwuOlMfEUMPEhbkLuFGFkaMN8royMJB-ImsNC2I6PZOuykNT9gRi7qEAGAPcBsOoenkO2EE9R4KMMps9mclUk7Q3zy9OVg9Ldso-L0KLU4gZ9plk2V679J5SJZ2puohUvlG3hERdzmnBVDhoHrjkRVrb3jvPguuMv85lE88cpdDShrwHKKy_Hcbwlqgz1VHoxNxwfe0R-BMo3xXBGs2Prmiz-PjVBdSsIe1a_fykaRG3DnY5drQi_f_xvHCBVNe-orm0vI6nZxjfyR4egnk06w6xZRMmGfOvVi7dhNDLMcIprQEc055p-udeX9SxwN0CGypbwb0IHCC_AtaLtze8YuIJvJiIMQTQOCja5qCPNvwvq6I1IT1YE4i5_uP673dcHj_syHWQ3I1sHGf_xIVftrPzlXtvrlTljcJpm6dtIg5_hvlnCCLhpzUhybnydJxro7dE9kxcsWKdkQUYo65z9BijW2STgyuf6uZ1K_d52jK--lz4QMlB1rK64PfjhHfimePFH2engStgFxly3gu2U_IzMhJMX14-yVrYsLZzj1AwwNgSIHd8W812Oo-iYdilWxBP-7kPGKQZ6aT3Qey6Ghxixy7Sw1-wFfp2P0S5KGfz5MYgOrzEGoBRX0euQRtXSqEhB8VmAdCAw3QuAr7vduyo8vOnT48seBT_n3Ju3qkPMnd2EhfLyMfOCL7ZeGHMya5RR8T8J6J7sdkOSakQG98C2uAWl-_L9hngIGX4JgCNtDb8kadEp3C4xrQd-XAmP4h6SY68ycq49GGqY0O25lEEaUqj3BelbX0qyaRG4TSWNZhQmQuzkGYtdu3bXN1RSJJMJlmUOx2s4-zrFxt9oBjfc3jbpicznB8Glryxajpbnfkl25cMrDTCdluCN4r8tbit6hGJIjG3XCQIyGdkyBljdZ4rZqbLtyrpuOoS5Qa1LVY5UQulEDJ0WqdnU0E-KnL_Ho75mGllxRVnvL7IzFXOxzOciVI08-2mfPAwMoubjlkaeDXIxEVYQub1ni9JHtZ6IF96rREH55Brc6C1nIKEcwVOVTAo_yS21YHO3gfr5UrsYeHXHIvijNvRCD2fvYlLIeIzvpIfbu7dxTL4PcBw-9fvHp1NAshsV5PVOS9on-ONEZwykCXZJVs81hnqXZEnFbNPeSWk9UAn2eUF5PevmbLgY9vaYiPpBl1VYf7Zmk1CfB-NaSXCKoz5GB4GPs55mxk3WKOCpLtiPjRjllHnF--GpC3rVAirpFnC2L3g8ByslD_IOuMpWjlu8Zt_3E_ZT4UR-hDVsaNPivRKTRAGQDDfNHgXqRYQXeLXgwegazK9n8hUD6KbRTRBtScS6djkW7AHzbY7kggn_kS9wh_spNX0J1aRfcukKt5bXjlOjC3mCHv0flfswc5lj8CsYCkqOx1BDPZHpPniXqQjhNFU16TyVor1sqnoqLSDKHYcT7xFYZLYFMCambQ187rS3dldGJ3bxCrE43Bnx9Br3cSKbSbajyxZ4C-YCMghNH_sO11x0oi_eFl6yez1F9f2-rlhx0_b5QD9mwHDl-lp5b1GBxhNJDzr5j0_EWSM-axu3787mkBxXF0nexQ8ir4_hdw1ZnRmjskLsr7BCRuwLgV-xtsfnBsv4WK-OHh5naYM-Jfl-rvCuw7VlsbFNfRAJqhe2b83nJ7KEHLbKW1ddKW_Ne_I2I9AutxQH-aa0TnNM1OOJZw4NDcL7ItbyaaxYPob-qdenxh4Wn6dVSQuXqxOFD_wv08U8rhv9nHJpju0vW_vLJQmuhGUxQEYSspouRf4yWj4JYr-xocpEWHjDn45imndyI6bNQaKiTTZEIFWGjdbCdrGmKtsrtZmMEP3Z-NfJVyyptbEpGm4UIYjJdrEvXIWOsUCdV7gDx6kQSL2n9gFl3e-OllQmmsBefzY3ln3WAgUWwg0K_Uj4-n6iJW1jkUqJE2XjzQTnC0ncKc2OHbBRkz8g3WG0TTS9M1TtBmTMsS5eEMw967I6lJrlB7lQSK8ZeqAGtoj0Df8Ej-yXn1btH5fvSHoxKduV29Dj2SI0kRDHXIhvUUAhbVtjzbEAlquxa5wHbU9YEb2KehmCrm8hsGX6_y22nd9DKEYuJ2Vd21U7QPEb8OzLdvODjLPGjSRYEO4Ed1M8Ljg1pVm5GuznbhKhNxHDqN2UmGt8-ZECE_ce6llhuvdkoxIhsvx0JqeIqBw9c1MO6rnzL6PxxtbmgrIr7E4VlniYonMRvxk5z2WEWuAB7azmDmLV23qTEXwf1Cwr2s1GteRbfYG-izszkU0&pr=8%3AE1DDD3F954D276F4&cid=CAQSMgDICaaNA8b58p423k4yzHG5Died2eT8chatLfWI7pZyiNvZCZgTakLuI9-Z9Pzqyv9QGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=13541817837438583000&adk=250276039&idt=149&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
3582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 14:00:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 424E 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKSRi3YrVm9W2uwHig7CRfliRY4PDJ0cteNa1Z-1VbVNSy9Nkzq3FW-O0F584mZEITJyOAufNyhaauys_7oMrRrt2GRbf1Vkg0n5aR1fMBPlzRChfol6NaYtIpc0Gyz5ILOrUw6ud0xZaH0RObvPmV8IrZogo2HWwXBSSj5VpBpQb8_iw&dbm_d=AKAmf-CAmLDqXj40pBOWMTmrMNaazA8-PeMvJHS341wldaiEmSapc5NH-mC3FDTXAB5DE29ze9j0HWebOINgL04uogGHgKzsSROe58DbZGSCG3bRyDhKm9AKCa5xM0LQSGvXfzCwfmsMpjp9bB3dp6euMRlCHjYMc9cb-r7brmNScdp76lnRC-2xXDjiAHJaDr_cISKKOTlqzn59Ek51_xAbKwBp-8bD-_ziJIols0zwDgYVQ2ddpBdETrxQzBkywXVIXoGpoWHJ4h2Ltdh0DB2lt4O6EIzjsqkotuz6X2dC0lFgOfsz2EXn3HbLlfp-YzCMLaG-OArJDeWLkfrRCgpeNihZcm2-UftPOIcwLO0GYsdVOar7vdIDcfH7kLMNt0_ocjYLp-riPsswGDM8kh0bTO3xMG8wvbJUf_KA-ql3MtJrMtAl5J6-mJYusqpIygMrivtCz6ZBrqWBaGtfRRRge7qKLbY-5uqayoxUCgsRL8Vdz1Lp5NuLuvSnrHRF7x8hOAlAYIJdhcU6h79cBdsYqJTxEbPf0RjC-Ia8KV0q-2QkgOjSCtm85_uc7eBODCDAkFQk8adU1o_Ec2RgYOvxK6GueE1jmmdqHUUADKG1wiJ4R4F3jCFJlSk8skeM5YWTwAy482S5jw0TuXjYKSHbLKX_GXFjvy-IpQvLvmaDATh_6PgE0LaLC32Tq2WUs2H76noOqgWX1wZkEq8dNpebwk0azdkIrSFseCEDm_pIaX0LOjH6nyZpX3iZ7q6KoU0ENxc2SczrpnhF31kwTHVpZLuediWUiHWMOUcTeoKt90WJq7dScgudjxeXsSHQ6I4X61X59fF4tpNTQPZrCyoReUUzRJ2gRs3NB6hssVlHgss6PP4e5dmEyRUYe2jfG8pOyK7fRwjcFi2oJI2Z5MzR6JR6bWgx5Oli0Ctqvmm41P2zUDy87eysBnBDwqW65udy17UavaVUh0Xes4asGHRAslpnkP718ZgrgUMWY53ZbHYzYSdWkIa_8KdEwFB8bPEWkHGHi2ftqArqIFZO9rroNc6DxbgDvTEgFanIiB0LMA2GE09QRyZ2iovhQ5e7GlGny305Bb3-nLjOAq0OzDq7if8vTPwXsT1JrzOJWhQOGfMVYg88RLcpvQ-5a8R4nbKKjMmoXwUkJHmgZZpkvhZbZREe_D1M2NmtKMlKcCzx7iQRcf2Tj000TQfFjiQ7ABGiwuOlMfEUMPEhbkLuFGFkaMN8royMJB-ImsNC2I6PZOuykNT9gRi7qEAGAPcBsOoenkO2EE9R4KMMps9mclUk7Q3zy9OVg9Ldso-L0KLU4gZ9plk2V679J5SJZ2puohUvlG3hERdzmnBVDhoHrjkRVrb3jvPguuMv85lE88cpdDShrwHKKy_Hcbwlqgz1VHoxNxwfe0R-BMo3xXBGs2Prmiz-PjVBdSsIe1a_fykaRG3DnY5drQi_f_xvHCBVNe-orm0vI6nZxjfyR4egnk06w6xZRMmGfOvVi7dhNDLMcIprQEc055p-udeX9SxwN0CGypbwb0IHCC_AtaLtze8YuIJvJiIMQTQOCja5qCPNvwvq6I1IT1YE4i5_uP673dcHj_syHWQ3I1sHGf_xIVftrPzlXtvrlTljcJpm6dtIg5_hvlnCCLhpzUhybnydJxro7dE9kxcsWKdkQUYo65z9BijW2STgyuf6uZ1K_d52jK--lz4QMlB1rK64PfjhHfimePFH2engStgFxly3gu2U_IzMhJMX14-yVrYsLZzj1AwwNgSIHd8W812Oo-iYdilWxBP-7kPGKQZ6aT3Qey6Ghxixy7Sw1-wFfp2P0S5KGfz5MYgOrzEGoBRX0euQRtXSqEhB8VmAdCAw3QuAr7vduyo8vOnT48seBT_n3Ju3qkPMnd2EhfLyMfOCL7ZeGHMya5RR8T8J6J7sdkOSakQG98C2uAWl-_L9hngIGX4JgCNtDb8kadEp3C4xrQd-XAmP4h6SY68ycq49GGqY0O25lEEaUqj3BelbX0qyaRG4TSWNZhQmQuzkGYtdu3bXN1RSJJMJlmUOx2s4-zrFxt9oBjfc3jbpicznB8Glryxajpbnfkl25cMrDTCdluCN4r8tbit6hGJIjG3XCQIyGdkyBljdZ4rZqbLtyrpuOoS5Qa1LVY5UQulEDJ0WqdnU0E-KnL_Ho75mGllxRVnvL7IzFXOxzOciVI08-2mfPAwMoubjlkaeDXIxEVYQub1ni9JHtZ6IF96rREH55Brc6C1nIKEcwVOVTAo_yS21YHO3gfr5UrsYeHXHIvijNvRCD2fvYlLIeIzvpIfbu7dxTL4PcBw-9fvHp1NAshsV5PVOS9on-ONEZwykCXZJVs81hnqXZEnFbNPeSWk9UAn2eUF5PevmbLgY9vaYiPpBl1VYf7Zmk1CfB-NaSXCKoz5GB4GPs55mxk3WKOCpLtiPjRjllHnF--GpC3rVAirpFnC2L3g8ByslD_IOuMpWjlu8Zt_3E_ZT4UR-hDVsaNPivRKTRAGQDDfNHgXqRYQXeLXgwegazK9n8hUD6KbRTRBtScS6djkW7AHzbY7kggn_kS9wh_spNX0J1aRfcukKt5bXjlOjC3mCHv0flfswc5lj8CsYCkqOx1BDPZHpPniXqQjhNFU16TyVor1sqnoqLSDKHYcT7xFYZLYFMCambQ187rS3dldGJ3bxCrE43Bnx9Br3cSKbSbajyxZ4C-YCMghNH_sO11x0oi_eFl6yez1F9f2-rlhx0_b5QD9mwHDl-lp5b1GBxhNJDzr5j0_EWSM-axu3787mkBxXF0nexQ8ir4_hdw1ZnRmjskLsr7BCRuwLgV-xtsfnBsv4WK-OHh5naYM-Jfl-rvCuw7VlsbFNfRAJqhe2b83nJ7KEHLbKW1ddKW_Ne_I2I9AutxQH-aa0TnNM1OOJZw4NDcL7ItbyaaxYPob-qdenxh4Wn6dVSQuXqxOFD_wv08U8rhv9nHJpju0vW_vLJQmuhGUxQEYSspouRf4yWj4JYr-xocpEWHjDn45imndyI6bNQaKiTTZEIFWGjdbCdrGmKtsrtZmMEP3Z-NfJVyyptbEpGm4UIYjJdrEvXIWOsUCdV7gDx6kQSL2n9gFl3e-OllQmmsBefzY3ln3WAgUWwg0K_Uj4-n6iJW1jkUqJE2XjzQTnC0ncKc2OHbBRkz8g3WG0TTS9M1TtBmTMsS5eEMw967I6lJrlB7lQSK8ZeqAGtoj0Df8Ej-yXn1btH5fvSHoxKduV29Dj2SI0kRDHXIhvUUAhbVtjzbEAlquxa5wHbU9YEb2KehmCrm8hsGX6_y22nd9DKEYuJ2Vd21U7QPEb8OzLdvODjLPGjSRYEO4Ed1M8Ljg1pVm5GuznbhKhNxHDqN2UmGt8-ZECE_ce6llhuvdkoxIhsvx0JqeIqBw9c1MO6rnzL6PxxtbmgrIr7E4VlniYonMRvxk5z2WEWuAB7azmDmLV23qTEXwf1Cwr2s1GteRbfYG-izszkU0&pr=8%3AE1DDD3F954D276F4&cid=CAQSMgDICaaNA8b58p423k4yzHG5Died2eT8chatLfWI7pZyiNvZCZgTakLuI9-Z9Pzqyv9QGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=13541817837438583000&adk=250276039&idt=149&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
71380
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:10:59 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 424E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
593731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
usync.html
eus.rubiconproject.com/ Frame EC90 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 15:00:39 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame EC90 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b35795583c515533313898d0e14334b4434610737c7acb1ae0846476559a2114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Dec 2023 04:50:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49790
Connection
keep-alive
Content-Length
13232
Expires
Sat, 09 Dec 2023 04:50:29 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame CFC1 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
280154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 09:11:25 GMT
expires
Wed, 04 Dec 2024 09:11:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame EC90 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 424E 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 15:00:39 GMT
index.html
s0.2mdn.net/sadbundle/3405547488589800225/ Frame 8F3D 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3405547488589800225/index.html?e=69&leftOffset=0&topOffset=0&c=iagmcXql9V&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1c59052179f67fe051442f53bc6e57fa5e800dee6058ac039fae663519b26d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2432
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:39 GMT
expires
Sat, 07 Dec 2024 15:00:39 GMT
last-modified
Tue, 24 Oct 2023 09:25:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 424E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstF3nD2EBuvozD9b6Ju-pHMARezM-iUSj_OW7y_iLkg4ML21N7j_d2TjHTTdNx-ZQkHP2AwMrjzKtOS_hDpbPn4DgByeZefQBVQgdDJcy3a6N2GYDpTsRcVxbQNzsZrrkE4uNjb6emPq4mHf8AhFku2qzXbRU2NAxJR1RHhnspjUbqklHgk1MuQF0t44yX_pFNZM29PHUEawrU-UCQwdLFNHePYvZMUPqT-ChsHeZO8JlMPoJhnlByfnb6DSyFChTuF_ZY03vuxtAVnKtafBjiW_kkSH6yIRA6LGSMQmt6UemXHSzpE7rrqH28ip1rTCsOU2TIWKBtArt5at7wwMIXOxeGECuQAz1zCTelA53o51f8m1umIXBZoiGccGLl6Cnwn5jrxfjQHgfsj6tBfS8JhCF8huRCqt10bBzaxn4SmDOJIdTi-lfGvG-5wjNahmyWq-7xMv3nPoPccK9LYOlGd7DFBiFM8nXzLoDK7vRMP1GhTJiJhSbb-eS6WnaHv42NCDNCAjBDH9i4Be_4PzCOfQpC037ysn9UVz6izP_TfcGRM0Wrb5C_xcyTy5obG6qMPUBT1YnWRNLjY5UdyaVksyoMILXKqmmeOOw0qcDypIa-GELse53_PParo0xGnhzuim_f1rEpbqKg2CqG_6-CLxH-pBQRqDOTTSjZduq3gjc1tEcTpVmPAHGa9wyJafzC0rNTPqhHoCh8Cwumj6H--Fhw7SIxYuJhQXNSmftMuquHaFGomzKfoqtV1aGB6VvondAT_wMdWsU0chthQQmp82DQ_2n3-oPtJXmKlCxMIMOBE41bX5cZXhiiMpZMOSHDVhoroIXCAfRLqkKUROn-U-IGojUlRGX_9yDJpHZs7ftIcrOXT8HcEVmGW3CW2aPRPQxcqhebDSwQGdKATiroTf6IhbUKXgFGRGpnIl5zmKNjRlVjy4_ccsyODhV5UFEX_muCBdQpVgg8nEYONHGvnV9UCQ4EE3LUH_UvH_pgDLwz4KPj5UXcSrss7VxMslb2UNdf5npdGbW5ZDGOhOEpT7HNMKrBiXP7kZHPRTOeLZxFi7A4mqJdlMwXFDIcAQYVK-VEiCoSoddUh4t1rIjHkeJlhe_68-IlqcXuV5NJ0i7c8_LcHT5stdHhGNQXr_dQGF47aDUgZOLq2YJuZsRs8C2dP8E17i5l6CSI5N8gt8sOxdOxbRDnOfz51SyRnuqfuVkLl9Jd8fVzGnARiWE21Eo9yrhjVdGvPDTiCWU4JUqOvGiCguqKYB1DJ3sCDzIiC2nanEVpZDhgmSh_9f1fLjnjGvSxK6zbQzj1R6G-euw&sai=AMfl-YTaY6WyrVxaIzuHNTtoO1aGPi81J1WTJU6oZat_lKbwvV-tKND6eParWZtua3JTyRd7vP-0i19hXqMMbFroj_XnH2G8KQWjpYOETyqKZaUeLAzF47dtHw9pTgnT-QVMeRYm23ZF8xhUZY6bB7OTmINumYu7I6PqhmZf62c_73Vo7ZDQQ0dcY6NZ-UbGBC8eNe-MOfHyOt55YeawS6c3JK_St_BfumT-TC8dpckQxvVeDZAuQY-w-Uk6gYGhfVGGCCD4CazmKjV40rYIjFk2&sig=Cg0ArKJSzBuyz7-R_IY2EAE&uach_m=%5BUACH%5D&pr=8:E1DDD3F954D276F4&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=121&cbvp=1&cstd=118&cisv=r20231206.20269&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame CFC1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 14:57:15 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8F3D 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3405547488589800225/index.html?e=69&leftOffset=0&topOffset=0&c=iagmcXql9V&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3405547488589800225/index.html?e=69&leftOffset=0&topOffset=0&c=iagmcXql9V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Dec 2023 15:00:39 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 8F3D 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3405547488589800225/index.html?e=69&leftOffset=0&topOffset=0&c=iagmcXql9V&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3405547488589800225/index.html?e=69&leftOffset=0&topOffset=0&c=iagmcXql9V&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 12:23:29 GMT
polite.js
joyn.kr-adstudios.com/img/banner-js/ Frame 8F3D 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://joyn.kr-adstudios.com/img/banner-js/polite.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3405547488589800225/index.html?e=69&leftOffset=0&topOffset=0&c=iagmcXql9V&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:9600:7:dde5:8880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f56cf558e4526ba5116061cca5bdffdb159449245b4d202251e29ad1b7ffbfde
Security Headers
Name Value
Content-Security-Policy default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 09:11:48 GMT
via
1.1 87e83cc6e8f384d40eab78133e901302.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
strict-transport-security
max-age=63072000; includeSubdomains;
age
26453
x-amz-cf-pop
AMS58-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
88197
x-xss-protection
1; mode=block
last-modified
Fri, 13 Oct 2023 12:00:00 GMT
server
AmazonS3
etag
"be0097968a4b98b9427d98c7c07f9716"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
x-amz-cf-id
dgQ2kRIoH_n4NG39lgZJlNdi1FalcoiLF2VIhEUuHKSDVPViTZAm8g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFC1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BybkQly9zZanXIPngx_AP7LWkyAwAAAAAOAHgBAI&bg=!0dKl0p3NAAY3kmNgF5I7ADQBe5WfOBtFeqgtRS8D3W9H8TInWGMNg4APgMD8OQyMRapVByMsan8UdO0Ft1ry99KlCgidAgAAADZSAAAAAmgBB5kDgyraMbfbyxKC_AaBfIG3-gAc_AtUieoaEHxMIonOVobOJfi3ZGnEdslf7SBZCusQZo2bEZ5TIrKpuZaBxdWxu5gZyaEHnirHrzAGoyowzdkoyxw38zDSzIrs3fzLEjrw9S1DcdYyyuw65xx2_ix_U6xVrushhyYqnAe7J7W561UOV_wOleRXUdO5Ohmsm7NCvjGEAzcVS3K6_uOPysgUyYhUFm5eNGmhf-a5VsE3rHQ9DONLFEaEaZxoE5fWHR22PYJHCwT8-aBUE9MEgZIKD89Rry5EjIwhbwIp57Hbnvwub1dqhwgdynjyVR5qxDcnqW0lUYtNwylCmymMENQbG_hMplnQdAB3L62xCQMGV-UhbZI8oIj1CX90llNcOEoes_HRAJ6RX5VdnWYKTfZCSlo488YLF8JzWncYVazIn90NgTlEzst_U4R1WmIEfcqrPphK0ayp0h7WJPP8fpP_NVbV_JNUCtS0NC3zwjUh1_SrKhDqudHjFO2wEPVD-z2uMxeI2a9b1SaX_UouiScyLp-kxb07HKUh6Vu0mAgZGo-or-4krxNohs8wg9BB1h-1KVqMQnnUupW3qfmC2C8cWPvmxbhDOFptSLCLRfsZHkC9joJ1WQcesF5jSBwbJnWxSFbwBFn50nZuDa8WWWej2MoHoye7jb3-sip0ouQdAJQCAojrYXduwQuzK6ub-ZwhhiZQEgIK8A08cx7Y_dh_-BzJzfVMTpr5gk5wpVYvb-W7a_GTh26VUc141ReuaH5R67-nNg8KXcu9fv9r0EksJyvCFN_m1wBsy-hPPXcdYfHGSmUMg5E3l7BppSL-OxDyJ7ii0Jhq2F4wmdBdzPVHs74N2MTRK4TXNBuEuWXqtYZ1kmC2YXk9ccxkN6jSCNvyRlrUdDqA16hgUKz1u3IGOBpfmi5KFfp205R9E7SAVsjmc3_5MWdJGV3hUW5x0ebF6J7JFsRgij2igiSKrYxg_53UtwsMiBEuTKjs5NrSxLRuDms2y8Ot3qVwHQJGlfcxFdup_U70UWXIFo4YvSnCO3Aos8Rl5O5vq4s5XRCUQFGemCkuC773ofFaxWyJstaGYeUwcICJYM6vGZNZ4Cg_p74_X4sNQ03CTR8XqScuKPLU5J10ELEZ1JiCTPizEgCpPLDWjtBqIDm_bLrRJFI3NW9j-FxRANyVjJUrd8xy3AFGOxTk
Requested by
Host: 559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
URL: https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8F3D 		18 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ Frame 8F3D 		17 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 424E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstF3nD2EBuvozD9b6Ju-pHMARezM-iUSj_OW7y_iLkg4ML21N7j_d2TjHTTdNx-ZQkHP2AwMrjzKtOS_hDpbPn4DgByeZefQBVQgdDJcy3a6N2GYDpTsRcVxbQNzsZrrkE4uNjb6emPq4mHf8AhFku2qzXbRU2NAxJR1RHhnspjUbqklHgk1MuQF0t44yX_pFNZM29PHUEawrU-UCQwdLFNHePYvZMUPqT-ChsHeZO8JlMPoJhnlByfnb6DSyFChTuF_ZY03vuxtAVnKtafBjiW_kkSH6yIRA6LGSMQmt6UemXHSzpE7rrqH28ip1rTCsOU2TIWKBtArt5at7wwMIXOxeGECuQAz1zCTelA53o51f8m1umIXBZoiGccGLl6Cnwn5jrxfjQHgfsj6tBfS8JhCF8huRCqt10bBzaxn4SmDOJIdTi-lfGvG-5wjNahmyWq-7xMv3nPoPccK9LYOlGd7DFBiFM8nXzLoDK7vRMP1GhTJiJhSbb-eS6WnaHv42NCDNCAjBDH9i4Be_4PzCOfQpC037ysn9UVz6izP_TfcGRM0Wrb5C_xcyTy5obG6qMPUBT1YnWRNLjY5UdyaVksyoMILXKqmmeOOw0qcDypIa-GELse53_PParo0xGnhzuim_f1rEpbqKg2CqG_6-CLxH-pBQRqDOTTSjZduq3gjc1tEcTpVmPAHGa9wyJafzC0rNTPqhHoCh8Cwumj6H--Fhw7SIxYuJhQXNSmftMuquHaFGomzKfoqtV1aGB6VvondAT_wMdWsU0chthQQmp82DQ_2n3-oPtJXmKlCxMIMOBE41bX5cZXhiiMpZMOSHDVhoroIXCAfRLqkKUROn-U-IGojUlRGX_9yDJpHZs7ftIcrOXT8HcEVmGW3CW2aPRPQxcqhebDSwQGdKATiroTf6IhbUKXgFGRGpnIl5zmKNjRlVjy4_ccsyODhV5UFEX_muCBdQpVgg8nEYONHGvnV9UCQ4EE3LUH_UvH_pgDLwz4KPj5UXcSrss7VxMslb2UNdf5npdGbW5ZDGOhOEpT7HNMKrBiXP7kZHPRTOeLZxFi7A4mqJdlMwXFDIcAQYVK-VEiCoSoddUh4t1rIjHkeJlhe_68-IlqcXuV5NJ0i7c8_LcHT5stdHhGNQXr_dQGF47aDUgZOLq2YJuZsRs8C2dP8E17i5l6CSI5N8gt8sOxdOxbRDnOfz51SyRnuqfuVkLl9Jd8fVzGnARiWE21Eo9yrhjVdGvPDTiCWU4JUqOvGiCguqKYB1DJ3sCDzIiC2nanEVpZDhgmSh_9f1fLjnjGvSxK6zbQzj1R6G-euw&sai=AMfl-YTaY6WyrVxaIzuHNTtoO1aGPi81J1WTJU6oZat_lKbwvV-tKND6eParWZtua3JTyRd7vP-0i19hXqMMbFroj_XnH2G8KQWjpYOETyqKZaUeLAzF47dtHw9pTgnT-QVMeRYm23ZF8xhUZY6bB7OTmINumYu7I6PqhmZf62c_73Vo7ZDQQ0dcY6NZ-UbGBC8eNe-MOfHyOt55YeawS6c3JK_St_BfumT-TC8dpckQxvVeDZAuQY-w-Uk6gYGhfVGGCCD4CazmKjV40rYIjFk2&sig=Cg0ArKJSzBuyz7-R_IY2EAE&uach_m=%5BUACH%5D&pr=8:E1DDD3F954D276F4&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=283&vt=11&dtpt=162&dett=3&cstd=118&cisv=r20231206.20269&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: helopal.club
URL: https://helopal.club/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2276 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6G2GoqANPRNjdk0UfKAgYyWlhaZnncAs_AoytsZ1kxpz4Mf6ekaZqmzvCwMBGzf51BVrhoHfLiDe3RWsXY6_bJSaheG8ok1LnuxX3amJpWXLeC0mulUnCphpDbqCm3JDv4mLsrSBThpGmVoNJrTU0Bhrzu_vUoXdG3zt2yq3qrX2ZSEi7sLgoJDYjtSvbRmXDqWqpUv0q7qUyuTxpWSVrB0SqfiS7EkYv_Q8tB14iMtGiiFns03Y5hsXo6F9NJValtJZdb9NnhESJjRSBBG7wDWY-t2FGXabNz21NpDfJhLFFrW9yS9QUmrxgJPjT0gXupzJiVYw1Pexus20VzNG8t-4chKSJa-TNTTRw4wiqWl9e6y4ISVF17U5-6z95N-RFTcL1RuHdYayXt4FyDqngCA&sai=AMfl-YTDxU8ovOZx4L5NXRsGVbT_NXF9vH-ky0cMJZndwrpp04tFDR9GEsyRrGXWFCuLwip2sz1L0r4Xw-KENg-2nur28I5_pVKtJIj6L9Y8vq2m-C340PGPjosA-L_hGH-0t-ardm4eA5fl&sig=Cg0ArKJSzGC8XOBAzgfdEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 15:00:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1696164081359292&plah=helopal.club
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f3b666ef50336c7de5cc6c489d851efcf67eaea7de3b1e8f5f7a6ef5ce1c1c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12221
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8F3D 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a60b36abc4b3f0c735871ac3a7986270f37db1986cd68af6e0a87fc0136977e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5960
x-xss-protection
0
logo-joyn.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 8F3D 		864 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/logo-joyn.svg
Requested by
Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Mon, 04 May 2020 20:14:51 GMT
Server
AmazonS3
x-amz-request-id
PBB69QPR0N8FK1CM
ETag
"4cfbd49bbe5134d80e544db8176b5503"
Access-Control-Max-Age
0
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
864
x-amz-id-2
ifYn12AclHAz870ptYLrLWWe0aMnv2GqsN4OX5OWDeN+Wz0OxUOgMBeGAMl/SCMjhNPqT8KclGyp85ZbHIOrOQ==
sat1-gold-medLib.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 8F3D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/sat1-gold-medLib.svg
Requested by
Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
088a736ef08892e4bd88c860153761272be22358fa2e3f82f92a9e6ffacdbb82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Wed, 16 Dec 2020 09:18:30 GMT
Server
AmazonS3
x-amz-request-id
PBBC3KKMGQ0CX8K3
ETag
"b01e1fb8641e38c14d25a48df24813c3"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1145
x-amz-id-2
sX8Ng8HOAErtKGu1CW/5VC/INfa6exyKi597RV/8aH0EFs7Fw4GUTq8ztJ/t4VzpFSOTaIPkgiLM36U/z5dnxg==
baseanimation_ss.js
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/ Frame 8F3D 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_ss.js
Requested by
Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ab0a1cf5ba89fad9aeb1d7350394fa5f40b9ecc33ce6fd41a83363c9ba91e48c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Fri, 13 Oct 2023 12:02:57 GMT
Server
AmazonS3
x-amz-request-id
PBB7Y4X39N8T1K5S
ETag
"c592b9eb3a2091aa3a2d82a6b170baed"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
30590
x-amz-id-2
EXchMBIfrJJw2MZFFX8poiOBjGA3wucwixz28xYacwhlbWWzaCJXSKrtEsqo3BWYHWq/nWWm2kLakfbLLXKFUg==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p7btphfweei/160x600/ Frame 8F3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p7btphfweei/160x600/teaser3_@1.5x.jpg?v=2023128160400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pl5zauzid0z/160x600/ Frame 8F3D 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pl5zauzid0z/160x600/teaser3_@1.5x.jpg?v=2023128160400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
75cc1fc95b80e404651e4d6f85cc01d24acbb3f092295d8a05ca3cf438796b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Mon, 12 Apr 2021 14:42:09 GMT
Server
AmazonS3
x-amz-request-id
PBB0JASJMEK8QHVW
ETag
"5d135a6e47528f74536efb77f364bc2b"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
16576
x-amz-id-2
Fy0at7driDwudTyzGSKmx2AhKAMkNGx9cW4fxjiaeoww/fY++pBU7RFNt+KCeLXGT3BMkDyoM554xFqBejnsjw==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plhcvc4fbti/160x600/ Frame 8F3D 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plhcvc4fbti/160x600/teaser3_@1.5x.jpg?v=2023128160400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3a22b9389e7fa4dea29d901ac471667d5fa0eb44b1038c30dfcd48b984c8a999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Last-Modified
Wed, 24 Jun 2020 12:13:11 GMT
Server
AmazonS3
x-amz-request-id
PBB9FDQC3QWW9GEC
ETag
"e83807e0b1d6644410d37b31155ce7c4"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
10386
x-amz-id-2
OAnxPzvhoSRQHEAgDmS/eP8fGoz3s8/0jlr7R1L16yiT/U6yRpnLm6BqNuwKdsiwDhD+RW3HYwYpQxXzdgN3aQ==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p7btphfweei/ Frame 8F3D 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p7btphfweei/logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b3668721adba0d46e426f12438562a43d9d41f8f39b715d90493c54572f83bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:41 GMT
Last-Modified
Thu, 07 Dec 2023 09:20:38 GMT
Server
AmazonS3
x-amz-request-id
FC4A1Y4VESW0PKSC
ETag
"3c4d81e111f1d7bbfa4f05c3752b9a63"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5348
x-amz-id-2
a+EQzOzgqf/kyhwIkxnl0iRSvjwsJclJwUDRgTwAKqlPG956ZWtIHAMjaQ1MLtve6k5NnqV4uZAcjLrhQmYTfQ==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pl5zauzid0z/ Frame 8F3D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pl5zauzid0z/logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
db9f74c4be168410761d216daca98585651cf8814315da4f63410b5a2bcee343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:41 GMT
Last-Modified
Thu, 30 Jun 2022 09:25:27 GMT
Server
AmazonS3
x-amz-request-id
FC4BTK70Y3N0HJPH
ETag
"8afe0431f7f45a2011b822a7370e5ba3"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10325
x-amz-id-2
5DNcWK0taJiOJjatFuuhd+yY3THiqttTqsxKdeB13JPHzGqIn1I5GoF/S6ZiORc8MgMpKkq4sqP+F7Sq+hXtOw==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plhcvc4fbti/ Frame 8F3D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_plhcvc4fbti/logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.71.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3406f425427f9f91c2b7d464c3b48a2c70efbaa52427964293295d323824ce60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:41 GMT
Last-Modified
Mon, 13 Feb 2023 15:28:56 GMT
Server
AmazonS3
x-amz-request-id
FC4C3P9Y054Q27MM
ETag
"fa3ca28a55e842ebc4dcb686abbce4bf"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11030
x-amz-id-2
mlnph8Hx7eKDC/OBsGMmTd4XxOIKhhiCPit63ACyP8NIhMFEJfJWEPh2UWjOvdHpEY1uKc3j1bz4LsnZUUOZaA==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelopal.club%2F&domain=helopal.club&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://helopal.club
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 08 Dec 2023 15:00:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
213781
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelopal.club%2F&domain=helopal.club&cw=1&pbt=1&lsw=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helopal.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
231121
expires
0
rid
match.adsrvr.org/track/ 		63 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
50243e8f6c9e7dca4838371bd97373a46750fb6ff3b45898bbb7f71b991eaca5

Request headers

Referer
https://helopal.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Dec 2023 15:00:40 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helopal.club
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 07 Jan 2024 15:00:40 GMT
usersync
ssp.wp.pl/bidder/ Frame A5D8 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=74265074314660700000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 15:00:40 GMT
last-modified
Thu, 07 Dec 2023 11:29:52 GMT
server
nginx
vary
Origin,Accept-Encoding
sync-all.html
adxbid.info/ Frame 7E3E 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8325e116792d213d-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 15:00:40 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5QCdjDiLyWvHuPdKPWfRrlstt2OOp9IJobZAV0Mlxxtk8txTFo%2BnQoBP11xbJ8X49eFZz%2Br3q4K4p4uGFOrXP9LFjxY3MLrZtAAK20AAtpdZbXG07rPn3%2FYeXiOxE0KA4Eh1e02CKbnTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
onetag-sys.com/usync/ Frame DCDC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702047637020&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 6331 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702047636914&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usersync
ssp.wp.pl/bidder/ Frame BF6B 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=74265074314660700000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 15:00:40 GMT
last-modified
Thu, 07 Dec 2023 11:29:52 GMT
server
nginx
vary
Origin,Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 490F 		477 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=74265074314660700000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 15:00:40 GMT
last-modified
Thu, 07 Dec 2023 11:29:52 GMT
server
nginx
vary
Origin,Accept-Encoding
/
onetag-sys.com/usync/ Frame B299 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702047636914&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 7E4B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 15:00:40 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 7E4B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b35795583c515533313898d0e14334b4434610737c7acb1ae0846476559a2114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 15:00:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Dec 2023 04:50:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49789
Connection
keep-alive
Content-Length
13232
Expires
Sat, 09 Dec 2023 04:50:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8F3D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 15:00:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1696164081359292&plah=helopal.club
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 15:00:40 GMT
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 490F 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=74265074314660700000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wpcdn.pl
Software
nginx /
Resource Hash
3ca365bd8ae00e217e1144823a7783fbc9aa28cb3e76f9927d593d5a02d1dde6

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:40 GMT
content-encoding
br
last-modified
Thu, 07 Dec 2023 11:28:06 GMT
server
nginx
etag
W/"87b799fd589501986f272ae6c6a9606f"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=900, stale-while-revalidate=86400
access-control-max-age
900
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame BF6B 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=74265074314660700000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wpcdn.pl
Software
nginx /
Resource Hash
3ca365bd8ae00e217e1144823a7783fbc9aa28cb3e76f9927d593d5a02d1dde6

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:40 GMT
content-encoding
br
last-modified
Thu, 07 Dec 2023 11:28:06 GMT
server
nginx
etag
W/"87b799fd589501986f272ae6c6a9606f"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=900, stale-while-revalidate=86400
access-control-max-age
900
timing-allow-origin
*
access-control-allow-headers
*
khaos.json
token.rubiconproject.com/ Frame 7E4B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame A5D8 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=74265074314660700000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wpcdn.pl
Software
nginx /
Resource Hash
3ca365bd8ae00e217e1144823a7783fbc9aa28cb3e76f9927d593d5a02d1dde6

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:40 GMT
content-encoding
br
last-modified
Thu, 07 Dec 2023 11:28:06 GMT
server
nginx
etag
W/"87b799fd589501986f272ae6c6a9606f"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=900, stale-while-revalidate=86400
access-control-max-age
900
timing-allow-origin
*
access-control-allow-headers
*
getuid
eb2.3lift.com/ Frame 7E3E 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame FC6B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 14:57:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D874 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20699
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 09:15:41 GMT
expires
Sat, 07 Dec 2024 09:15:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 515E 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3bc2fc1499e3cca307a6211bfb93f628a395f11ea00fa991bb1227e74cd4871f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BcQ4PYJJKQbcEfiTCkGE4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helopal.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BcQ4PYJJKQbcEfiTCkGE4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 15:00:40 GMT
expires
Fri, 08 Dec 2023 15:00:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
setuid
user-sync.adxpremium.services/ Frame 7E3E
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=bf3ea3f2b7658c08191d6d0a7099669280a8106d5237f2432abedccf9547cbdb
86 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=bf3ea3f2b7658c08191d6d0a7099669280a8106d5237f2432abedccf9547cbdb
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:41 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=bf3ea3f2b7658c08191d6d0a7099669280a8106d5237f2432abedccf9547cbdb
Pragma
no-cache
Date
Fri, 08 Dec 2023 15:00:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D874 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 14:57:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E701 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0nAVTXEs9rjHR7DnowPZWPGnZ7wjuZAvRUAMroQRYwmJADQiLaMjFAHq4s5fKTcMomVmNs9ptV3yPevjMbVklyynhmPVTKcaeYut8a8JnTxBcZThCzxA5kag-&sig=Cg0ArKJSzNTgSyRlDEz_EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702047638563&rpt=644&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E701 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2410469703603&version=m202309260101&ct=76&x=8&cor=5259701006572973000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 31A2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgDFkHQubCz49S0Z91bAI-YJeEENntlmEEy9zwly2LxYkMjLgQtT8v1wQ7skBKh3HNHTKLXYp_F8NMS9SRtShEhmis_Vxe4DvRIUQ89W3d9C_kVpABX9dJtfezwawxmBJPd4BT0ry_Rw&sai=AMfl-YQyWkDVNko-2Iq87Geuk-LYLFHz_p6mO1lKmt6be5w7s_WXHu4&sig=Cg0ArKJSzGy-ezc5BIQsEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3471947066&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702047638437&rpt=805&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 515E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=2398167256370812&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D874 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qKi_Ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=2398167256370812&bg=!bm2lbSLNAAY3kmNgF5I7ADQBe5WfOLzHqEKlShJL9wwI26FYj4tsnKKCjDhHdD-zbBh3pi3VuUOdhY689ogivDjhbzR5AgAAADhSAAAAAWgBB5kDAcT0Z3eZaXf7Pzmm5AgqKgO9qaVFoD4ExBDSE8Cn-93e3jS4EkAM1vfrDa57QzVf2qLQ_djGq0JdUgb3QaqFxW83XXRc2Ukp8RRvQcTOq4TVoD0FGxkbQX-pzlYZfeavQ0hm5apZc1ZEcPE86m-3VeGXkCW97Agt4ESbZ5JHCdEadKbzOpEb2LIEmkqEgOmY4SR0AsSFo9JiW4mRBkIbVtGfvr8k2Fzk_0W39VmGboPf_pDkuKucfD73nfIZ0Qlz-CrddKGDQCrJZ_LQcBYIfS4xIPX9vN6QBTKmb9Z2667d7zdpNHFTm0kcFM3YF1bPtLl_tWuB36cB8oIioviarUoWLeGkxOTK7IfbZHwFLW4PZVa8x8sFlvi4z6Ukn5NOB0O34Ts69RAxLKf2I1GhpFH1MG23s_eAECFGk7Qc7CfaxbcraHaSLBSdfeHbWPNeCadnm9f9BUXpBgG2lhDYi1oRaiC9YDOtqg2hSztxgrX7fwTonZbKymMxM7IzQw1KmkFmPeNzoJ3pKLqC7CNp5mEV3LUK_jOjE2eBQ0bxFRAcxJWxW6pkal7bSB3QBp__6G9aFimnGuQwI9dHvY_bCSvZhRShqDo2EMCVbqUE-fShrUHxRt_TB_KeiVmCOvMqb_-VxXdekE5duxozUYSWASiSP1ZZ28sGyFEqkK2lGOGdDyPUM5gYhKCnYC_-8ntua1KAd2BZFkCmu7TqGmbFmgEYN4tqALqbstUnlOdIEyNHx_cQBuUFRkGYJLlft4tgIgGnnaz4Lb03K4oR9Jv6mj2T_TIweDCYf-Lc9HJcTwJeFccJsokUqTqEwAeXLVc1NLo2i2iC3pgYv23QBG4ecAMOzC5q9VU7CgyYLOFwJim19PswsSVprWK7S_-ugMdk6QYe371x2sz-C47CtPPSnGGkgAU9vSxMsCjieVGmt6bfHW537HN9Ua3eqHyieD-OlR7-iwtIIxyM3SwB0U6Lm6JYovdSf1ZjQLKAZaXLu4UXw7Z6l8m7CYzf5DZ7TKZaxqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://helopal.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 424E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssU-qDKTRQLal-xSaaOWiIqp0xBJUshjCif-5nRwCl_ZEo6_R5micMtVgD1YQPBnRhCDxRA6IrnrIdU8b8VAk1iF-t8hSb4_5aZASYifOdyuap2I62A_ZjK_I8-&sig=Cg0ArKJSzLHdlzRihx2IEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702047639337&rpt=597&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 424E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1583465704816&version=m202309260101&ct=76&x=8&cor=13541817837438583000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2276 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzlmO67WIiwQ_ZEXQ8T7WkJbx6-FVAFEJXImRqWKGBmtURKXFbZOqjoaADM7B6jL05Dx_oYtJ9wUhmyCqfi4jRE8ID8gkIBYOgilsCyGJ4hroY9_avppEGirvuIVE7erFDCEqf34PQeA&sai=AMfl-YRab0GD6-4eOx8vFE72I2kqeBpwHxs-DI8CcRpMQQ9Z1RtNu-U&sig=Cg0ArKJSzJr5TrD5luH_EAE&id=lidar2&mcvt=1002&p=183,1375,783,1535&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1457638999&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702047639219&rpt=723&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
vid.vidoomy.com/ Frame 49E1 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 08 Dec 2023 15:00:41 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
629499
x-77-cache
HIT
x-77-nzt
EQwBw7WvJwH3+5oJAA
x-77-nzt-ray
25b0213165f0b626992f7365514d6009
x-77-pop
frankfurtDE
x-accel-date
1701418142
x-accel-expires
@1702436521
x-age-lb
629499
x-cache-lb
HIT
setuid
user-sync.adxpremium.services/ Frame 7E3E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZXMvluj9bPEAuhYV6-22OwAA%263368
86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZXMvluj9bPEAuhYV6-22OwAA%263368
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:41 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 15:00:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW8qS8u0yiR3lc7PVyKHdUDfWuKdtd0H5Gp%2FO1xV7%2FB9ZAtcaV8Mv8w50u3ColzBQYvh0vwM9bAF997VZyI5dSi2rDmQhaf2ro6ONulpdNk2LAdELlFUFCUXj2PufFq2VQZd6NXI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZXMvluj9bPEAuhYV6-22OwAA%263368
cache-control
no-cache
cf-ray
8325e11d7e22bbf7-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 49E1 		1 KB
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 08 Dec 2023 15:00:41 GMT
content-encoding
gzip
x-age-lb
967786
x-77-cache
HIT
x-accel-date
1701079855
x-77-nzt
EgwB1GY4tAH3asQOAAwB1GY4EQH3AgAAAA
x-accel-expires
@1702116653
x-77-age
967788
x-cache-lb
HIT
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
6d204d114dcc1de2992f7365a15ce910
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D48E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50150
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 08 Dec 2023 15:00:41 GMT
expires
Sat, 09 Dec 2023 04:56:31 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame D48E 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59206689&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:39 GMT
content-length
0
pixel
ap.lijit.com/ Frame 7E3E 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Dec 2023 15:00:41 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync.php
pixel.rubiconproject.com/exchange/ Frame 7E3E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookie
cm.adform.net/ Frame 7E3E 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:00:41 GMT
server
nginx
content-length
43
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture function| $ function| jQuery function| jconfirm function| Jconfirm function| setCookie function| getCookie function| gtag object| dataLayer number| splitProbability object| s1 object| element object| adsbygoogle function| getval object| clipboard function| HowlerGlobal object| Howler function| Howl function| Sound object| sndCfg object| sound object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| AdSlotCollection boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager string| GoogleAnalyticsObject function| ga object| sas object| apntag object| _ADAGIO function| onYouTubeIframeAPIReady object| google_image_requests object| googTempStyleOverrideInfo object| googNavStack object| gaplugins object| gaData object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| __uid2SecureSignalProvider object| __uid2 object| GoogleGcLKhOms

47 Cookies

Domain/Path Name / Value
helopal.club/ Name: XSRF-TOKEN
Value: eyJpdiI6IjMwd0RhT2dSVUhweEJNS1IwNlBka3c9PSIsInZhbHVlIjoiNXpzQVwvc2lvWmNoRFNnWUV1S3FhRlMzY2JJbXRTQTVJNFhFNkFpXC9NeHI0aHhcL0tmY3VcL2p1RHlQMDBGaGRjSHUiLCJtYWMiOiIyYTgwOWYwMWUyZWU4MTkzZWEwZGM0Y2M2MTUwNWJhZTQ4Y2JjODU5NmI1NTBmZTIxNjZhODQ5NjI0MTcwNTVjIn0%3D
helopal.club/ Name: helopal_session
Value: eyJpdiI6Induc1hUQmpuNjQ1VVJJM0owWXpzMUE9PSIsInZhbHVlIjoiSDZDemU3QlRLbWo4c08wYnZNV0dheFBwTTF5VHcyemhcL2xRSHZDTGxzK2F6MHpPbm5lUWtvZFViSEhvVkRUQzYiLCJtYWMiOiI4YWM0ZDQxMzkzNTk2YTZkNDA0ZTM3N2RmYTE4YWQ5YjlmZDY1MTI2NWYzMDQwN2NlYjUxN2U2MTIyNmExNjBjIn0%3D
helopal.club/ Name: language
Value: eyJpdiI6ImorckdUcmU3eWpROEprb2xJUzloZVE9PSIsInZhbHVlIjoiM3lnTFJ6SlZQckxIcmU2MjFIQnZDUT09IiwibWFjIjoiZGM0NzUyZjMzNmM1MGU4ZDc5MjBjYjNlMDVlZDE2NGM3NzhlZTA1NjczMmI2OTdhYjhmNzk5ODgzYjRkNTk3NyJ9
helopal.club/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.helopal.club/ Name: _sharedID
Value: e4dc7d70-9b3d-4ec3-8f8a-54a1ab6f6ca8
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.prebid.a-mo.net/ Name: __amc
Value: 2_1702047636_1702047637
.rubiconproject.com/ Name: khaos
Value: LPWR7TT8-R-2SB4
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp8PsiRAYF3xD5APvdogVCbaTd6KyMQnaviXIXbtn90w0i8jPsKMxVUISUImsHRrQ4p8wCaDmwsCZzU4JWreVW/+5t0Q3rmwu4ijy0RC4Zd8RuybVyVU0yt
.helopal.club/ Name: _ga_VWZGSQLZ5T
Value: GS1.1.1702047637.1.0.1702047637.0.0.0
.helopal.club/ Name: _ga_WEZNDFHJK0
Value: GS1.1.1702047637.1.0.1702047637.0.0.0
.helopal.club/ Name: _gid
Value: GA1.2.1915370738.1702047637
.helopal.club/ Name: _gat_gtag_UA_176069477_1
Value: 1
.helopal.club/ Name: _gat_gtag_UA_136873609_1
Value: 1
.helopal.club/ Name: _ga_Z45V12ZWF9
Value: GS1.1.1702047637.1.0.1702047637.0.0.0
.helopal.club/ Name: _ga
Value: GA1.1.865504423.1702047637
.criteo.com/ Name: uid
Value: d9a7efe9-7bf0-4a0d-8ae7-675007aea8c0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.helopal.club/ Name: cto_bundle
Value: zcP2DF9oRkF0MDhROWQ1cEpRZ2VTNEFLdkhycEpSWEolMkI2c2xtRDE0VlpxN0l6SWk0Y2tpZm1VQjRjVElHRHRsTG84bXljQ0Q2SFB1QnlLeXJMb081d2twckkyeCUyRnR2ZW9IciUyRm94cUxmQTNWZ2p5cUxiTmFlR1NhRnVWcDhHS2NQaTNReWhsaHhmbHNkd2lPVm5maHJseFM5ZkElM0QlM0Q
.openx.net/ Name: i
Value: 82e24697-f37b-4aca-bd65-f5836fa8b99b|1702047637
.acuityplatform.com/ Name: auid
Value: 862055548164
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRhI+HhGWmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYSPh4Rlo90aGlyZFBhcnR5VXNlcklkWkNBRVNFQkoydzlyQzE5eUdIM1dSNTFKbmItOPv7hnZlcnNpb27C+w=="
.turn.com/ Name: uid
Value: 3791119474666774711
.casalemedia.com/ Name: CMID
Value: ZXMvluj9bPEAuhYV6-22OwAA
.casalemedia.com/ Name: CMPS
Value: 3368
.casalemedia.com/ Name: CMPRO
Value: 3368
.adnxs.com/ Name: uuid2
Value: 1108132220725476974
.yieldmo.com/ Name: yieldmo_id
Value: 3zmmVeekkxevckITxZRD%7C1701993600000%7C0
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTxmtyGO!]tbPl1M>e)ZlrFUfJ+tGXxo<@eQYm<zacv9*6#1<X=8ZX]WkTX^Vw6F6+C43If)y3KL9D3I?+IWjjG0
.demdex.net/ Name: demdex
Value: 91561094913301715153789670362977482252
.ihg.demdex.net/ Name: ihg
Value: 91561094913301715153789670362977482252
.googleadservices.com/ Name: ar_debug
Value: 1
ads.smartstream.tv/ Name: DID
Value: 8454f4ab16f81f8613ffb6bcc59494f6
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
cm.adsafety.net/ Name: UID
Value: CM12023120815dd7640a47b202706bc9
.adsafety.net/ Name: cm_uid
Value: CM12023120815dd7640a47b202706bc9
.doubleclick.net/ Name: APC
Value: AfxxVi43gJimMydIczlEJ7QeTpEhf_bWTRE0jqSLvswqXN8pWhU3bw
.doubleclick.net/ Name: IDE
Value: AHWqTUm9S_gab6Vy8aVaYfWoyDajGqVQlr6swlThFsSwZM3VnyCvGKmNdaR_3IJn6hE
.helopal.club/ Name: __gads
Value: ID=49313522a4925f8e:T=1702047637:RT=1702047637:S=ALNI_MaOqCBv6tZ8qP6zqg_bZlD2Ricz_Q
.helopal.club/ Name: __gpi
Value: UID=00000d0f9ec1f6be:T=1702047637:RT=1702047637:S=ALNI_MZDRk1H4fugZvhyZYVgtYP688rVDQ
cm.adsafety.net/ Name: permanent
Value: 1
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvcHBWZER4Q0poQWw3dk5PTGVSZWhyOGd2VDd0U0d5M3k5VnhobWVVK2Z2YzVSV2k2WUt2ZkJ4WlFrODhndTFzRDlVREFUQXYrUUQ0ZG1nUDhGbHp4ZW5lK21YR05mWUQ5TnF3Vm10WExpWnZ2TUdyY1ROR1kwK1JEVCtUd045ZVlJVGlQK3h5UmxPSEpMVFV1NnE3TS9sOG8xTXMxZmZxL2dsaGRmQzhhMllGeDNlSi9jMHdQc1o2SGkzb3RZSktseDBKbFpFUEVKT0tqRm5CYVIyVzU2a0VLeDNHRVRHYTBqZEJZMUw5cjNDTC9FTGlOOCttZUVldVpDTUJNaW9kcjJnclpLN253ZmI5K25OUFFhemZhV3ZoZXdSd2N3OW5DdnNrVEE2TzdYSDRTN0dXSithV05sRnUwZUQ0ZnZoZk93PT0%3D
helopal.club/ Name: unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-08T15%3A00%3A40%22%7D
.as.ck-ie.com/ Name: CID
Value: 91a863d077dbf598fc8068976dce532a32d3f680
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJaWE12bHVqOWJQRUF1aFlWNi0yMk93QUFcdTAwMjYzMzY4IiwiZXhwaXJlcyI6IjIwMjMtMTItMjJUMTY6MDA6NDEuODExNzE3ODk0KzAxOjAwIn0sInNtYXJ0eWFkcyI6eyJ1aWQiOiJiZjNlYTNmMmI3NjU4YzA4MTkxZDZkMGE3MDk5NjY5MjgwYTgxMDZkNTIzN2YyNDMyYWJlZGNjZjk1NDdjYmRiIiwiZXhwaXJlcyI6IjIwMjMtMTItMjJUMTY6MDA6NDEuNDI1MDA2NzAzKzAxOjAwIn19LCJiZGF5IjoiMjAyMy0xMi0wOFQxNjowMDo0MS40MjUwMDYyNDkrMDE6MDAifQ==
.ads.pubmatic.com/ Name: KCCH
Value: YES

2 Console Messages

Source Level URL
Text
other warning URL: https://cdnjs.cloudflare.com/ajax/libs/howler/2.2.1/howler.min.js(Line 1)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_p7btphfweei/160x600/teaser3_@1.5x.jpg?v=2023128160400
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

559462eaa8614037026d976f44dadbd9.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.smartstream.tv
ads.yieldmo.com
adx.adform.net
adxbid.info
ajax.googleapis.com
ap.lijit.com
as.ck-ie.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
cdn.helopal.club
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
code.createjs.com
cs.chocolateplatform.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fun-dare.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
helopal.club
ib.adnxs.com
id5-sync.com
ihg.demdex.net
image6.pubmatic.com
invstatic101.creativecdn.com
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
joyn.kr-adstudios.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r.turn.com
region1.google-analytics.com
rtb.adxpremium.services
rtb.openx.net
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
ssp.wp.pl
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
sync.inmobi.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
ums.acuityplatform.com
user-sync.adxpremium.services
vid.vidoomy.com
vpaid.vidoomy.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
141.95.98.65
142.250.181.230
145.40.97.67
15.197.193.217
154.59.122.79
159.203.145.121
172.217.16.130
172.217.18.2
178.250.1.9
185.106.140.18
185.184.8.90
185.89.210.122
193.135.9.129
198.47.127.19
2.19.217.60
20.127.253.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
209.192.201.180
212.77.98.32
212.77.99.29
216.52.2.16
216.58.212.130
23.213.164.238
2600:9000:206f:5600:f:a31d:75c0:93a1
2600:9000:225e:9c00:11:a4de:2580:93a1
2600:9000:2447:6400:a:e047:753:a221
2600:9000:2447:9600:7:dde5:8880:93a1
2602:803:c003:200::61
2602:803:c003:200::67
2606:4700:10::6816:3556
2606:4700:20::681a:8a9
2606:4700:3034::ac43:be40
2606:4700:3035::6815:5c4b
2606:4700:3035::ac43:8b1d
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:bcf
2606:4700:e4::ac40:a70b
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:480:f::213:7ed6
2a02:6ea0:c700::11
2a02:6ea0:c700::22
3.5.71.60
34.102.146.192
34.120.107.143
34.96.70.87
35.186.253.211
35.244.159.8
37.157.6.233
37.157.6.254
51.38.120.206
52.17.48.145
54.220.142.223
65.9.66.104
69.173.144.138
69.173.144.165
76.223.111.18
79.125.82.191
8.2.110.113
89.163.155.32
0622f12b7efe23ffb940a420521eb6f170060657f51d81637cd14d21ecedad78
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
088a736ef08892e4bd88c860153761272be22358fa2e3f82f92a9e6ffacdbb82
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e59260c6a416d1eeb58e143a78d682756a37c15fcbcebe4bcdc1928f60e4eaa
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efc15ac0c027f6c4feecf95451c592e741b22763508b1c7d448e5bd8d8344b0
13aa444747a569e25f79d16b3870a9715735f0bfb98e395447f1dbc979c78be0
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1756cbf5c9c8c73fae4b374ede874839ec684a28bcea40f43964d05e76a98264
1d175839d8ff797dc46ee269c6876c21895dd6df126f4602ff8d46ee9e0416f9
1edfac5c088ed3e1466c757f9b3305cd19669b405a308d875feab389a01caf7c
1f36198740d2dd79a44002dcf7eebe2c43ab6b5c3ffd60b7e71dd31a7c43872b
2001c42b2ce2b362f5fa875d0d45cda31c83709d6592ce20040ad38e9eda556a
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
25b1808c891a37b3001543555622e93ba4b454cdffca4c6abf4ee8fbbe9f2ead
25cb0c014feabd8c4c0d24c6f0c47e0375ec8bb12248da5bd0100fed5121604f
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
29aaec486617fb3efbf0d98e6034ad1a8eb5d82734e2aed02ab7de37fc1be9d3
29cdbdf522c538e3de84c0bcb316a4ebd32eca77082d1582506537a338cb799a
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3406f425427f9f91c2b7d464c3b48a2c70efbaa52427964293295d323824ce60
37347237fd275e5e05d7da1ba74a92a06c58c89ce83a52f376f9971c5a34d111
37ea8070090eb5470f64d57ca76dce72bb83db50a72f943643b6ab85ac49d094
387fa76a18c1e2dcc5db9d10f530ac9c419faa94becd7bedafaf8d05521c32c4
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a22b9389e7fa4dea29d901ac471667d5fa0eb44b1038c30dfcd48b984c8a999
3b466cd5a743f6332582f606f9706ffa324496c9241f9e1f14b37c8e07a93df6
3bc2fc1499e3cca307a6211bfb93f628a395f11ea00fa991bb1227e74cd4871f
3ca365bd8ae00e217e1144823a7783fbc9aa28cb3e76f9927d593d5a02d1dde6
3f3b666ef50336c7de5cc6c489d851efcf67eaea7de3b1e8f5f7a6ef5ce1c1c3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44718d713af08035d3f9d246d249df63ed5d433a1d8571429241de984c0c4dd7
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45d48e1d7e27224461b0b699f702ad07ca66ff00da3e98408c23b7de03a64c19
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47e62e32edebec69ad2df63aae2c93ae75c9cf7c2634afe6b8b91f197890ae25
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4baba6636758b3880eadfeb99f51dff0038eb7fc5df1a0cbfd9eb4b9847080a9
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4d49809a3e7379f46dd69f308337cd8c570c31e539c33e3183ace04b7935f802
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edc8ba60fc93980f7c796ebe81032a7fe8fa9de3c908f19a90c1faac7ca791b
50243e8f6c9e7dca4838371bd97373a46750fb6ff3b45898bbb7f71b991eaca5
5346e5b0651c045c8381191ebf1d760cb7f39e108a9d6a50de49df5f00445472
537f6db0f95c63ad512ca91bd59f5830606833eab46551d697a40833fd41c0a3
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54ba65f2f0af00c5ee413e22e99f5cc42f3eab745ad0ace94d008032714c0e00
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fedd576ff4a20677e36cf4a3464674224723d71f39af53d846a9a261446e70
5bd8b93147a25b894ae2f92584a545693838c3f910eab31999b22d50bca4aa6d
5c8409dcad2e8d36ca28ef173376dee1e565758442050715742bfdbb08c92cad
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6079a677b4ff727c225559facad29c7a945d060fa5cd637ac76b4ee55d21f471
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624d8f4d58fc9c2ca59102e1c8d4100707b342db19f53d856d2dcb8d484f1094
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6707e35e9d8bc09af866d0a7a34308cea6045dfd5afcc9ae36427e612a312e36
67a620b02e2a8b2f28d34ee63509828125c4992f021adcf05e2eabcf23ff6621
68c82d2c77388cab6da0584fcd1539d002ad095de31d9f80937aae0ca6cb15af
6ab4a49144b0899c87c607eba0952310f2790e06bf4cd6ba025fa8f4dea93052
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c765580728797a4c4a1f6e3009a4543d25a8e7e2964337403ac224ec1f706f2
6e01a0575080f66e28f68c7d43dd12195d569a2172bdf786643945e3589b055b
6f8bfefec2cd703c79b6f039fa4091160c9ff5a67d9d3b7d159924304517d869
6fdd68fb302111aa20d2544c139144e3e43ff45e7f46af9ecd6005dcbb1f24f6
7017dd89c36e7c0b58a09fd549d82ab2cb94222822c3fea417b5f9b8a87390e1
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72035cff2a2b4aa0eee6fa22c60e429cd23e12a43f811edce39f999134dfdb08
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73060bc634e7d84fa78d9e5b0b0d188c9e0e84dce0172f8042bba2b180886099
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a
75cc1fc95b80e404651e4d6f85cc01d24acbb3f092295d8a05ca3cf438796b2e
771b7eef67686955f8043bb3a8108b34bc56f6cf1e99ef7161848e151c01c907
77f331acc0b5e3b63fcd3f31e9d334628691e1314b6fb0154b4ca5535828030a
7aada0fa68f0a9dda2dff3d7832949c556844d593033eacbbd578ddd1096c934
7b006c26b599c26431ec98f5891b32af7dd70a9a19397e5147a9ca534d2132db
7bcc32a5bd2678766a21faf6b68941eaf9fe1fc9c7168a091af3ef81c1738f50
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
81717b95277e92e6964745acdb1d0f0ea4a4dcaf43ca16844cf79626c7c4fece
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
85cbceaafb359c2c5a430bf996580c9269ca94b2fd643df5816fca8796e7d5d0
8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774
8b7ec456a0cf37c3d45f4764713d118a215b11c09296ca0bf9d7a2289a75895b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
922d3d7dd7772ab371fad867be8d540f3fc9472235a394f65289151cee4ab1b2
93dd9a1b61205da94e0b142633b384b9c2c1fd2bcfdec60e74984cfae50aeaa9
9809a9d6fe844649e678fda81d91b9dd6d4bfb339d495b0cdb95af999e14f9f5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9d53c079d4f5d303cd726649f4db9c21b8cc06b9110a980b9c20d793d9a315d0
9f7bda6b0c8c48293f46860952db4d54390f81de655355dc7bad2e0fd419f6e4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c71bee455ba91e5aa859abf3961d7e57c1c00cb85def124dfa1d8f53069d47
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a1f7d0dd8fbf668376479186d5286de016e8cbde9625d228b21fac31e4b4f252
a44cc65f511f52da0151987fc2786a19fb311a97b5c4d7fb44c138fcf39e2067
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a60b36abc4b3f0c735871ac3a7986270f37db1986cd68af6e0a87fc0136977e7
a64f924f7eecd0ef8d6b8fd672ceff3d645afeebc65cda4838ac089892fa1cd2
a6c3bff7fc96098aa0123372edbb1a284bef7a2adbac8aa75cbce908c681035e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8e0f42bb7544f3b80a70a365cda8be4758b8c434aa31d6b13612c5f55b76d2b
aab452cf9898bd79f2252623197fa5c45f5c64dd82a203b7259235e6e4f8965f
ab0a1cf5ba89fad9aeb1d7350394fa5f40b9ecc33ce6fd41a83363c9ba91e48c
aca997682d0dbc6da36f2262551bb2d69aac5a5d0ed13b876ecd74e874314eba
adb7ce488750e49ae1913e28b9db87927cc155c393b42f0434826811905c4fd0
af27fd178a5afc293b54611bb56408ee12491b153053bd7709f754abe00d1c57
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b35795583c515533313898d0e14334b4434610737c7acb1ae0846476559a2114
b3668721adba0d46e426f12438562a43d9d41f8f39b715d90493c54572f83bdc
b36ccb3fa489753610fcbf8f4cfe4021cd1ee7b6159d8a17eabaa92b3e3d8094
b66fea64ce1ae1040340f5762d97a31187aaf1ec2c8a28a532b0c82622c6df3a
b7a44b79476282023aa69f375fb648558a8913635c9350fdcca4ef79a876d70b
b9fa1b78af612f835e36c2b7e759d15aa574851f2fb7dd556542af5c4ae2d4ff
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcfeb4b89a5cda13c5da8db61507eea441ddd4d4cb1e5a84f91d456cea251b7f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c02562a57e9268300e4d34ed8a8a37c6215f08ebfd3c24afc8a31bf33293a6a6
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c96b29253ad99be379f0fb6810b701fdff2071411f2b2dc0237314490aa428f2
cc410cf6750249cfbe5c6c2b1e37a11d399d97261da2b05f927beb7b52908295
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
ce766614a0ce7850d90a574b9919975a0f77949da3c33f850b41852a774cd33f
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f
d1c59052179f67fe051442f53bc6e57fa5e800dee6058ac039fae663519b26d0
d2a4f81bfb6ea085da3920d788715bfd3e3e43f0737cb1f871be910b77bb47d8
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d8cf56b4a07234b3d6b7958cf7b41b43d1adbdf141ce8ce81fa11621bfd4a586
d9bb81ff9677b3198471a835c4b4bcdbac8bf83690aed07305944baf02f240f5
db9f74c4be168410761d216daca98585651cf8814315da4f63410b5a2bcee343
ddb3aa9142a5007f984815fe8383a9d6bca2e369f19496f68025b230b4953584
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e74ea66f1736299c8aa9124abed99d4aac26e0abdded8e09baf4820efd5b258c
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e87a0a4ea67100ecf0073972c688d535b91b6742d8f54017013b978ce2c18d57
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec50c9a8d51925986413f726c63b107ff51502b5f44e49f54807c6d3427757ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56cf558e4526ba5116061cca5bdffdb159449245b4d202251e29ad1b7ffbfde
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a
f98cfe6d95e7ca6c6d14d3b34d959052eee1ed7160418d5e3922aeed6f9acd46
faa576f54633087872ee4c26a4ad87b2f864f5285b2cb21cb0ed3132fed1c557
fb7828000d896527d60d4866afd681d3766d4a367c3db1439c6d9b3a48900cee
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e