urlscan.io logo urlscan.io
SecurityTrails logo

grabify.link Open in urlscan Pro
104.26.8.202  Public Scan

Go To Rescan Add Verdict Report
URL: https://grabify.link/track/41AL59
Submission: On January 10 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 95 IPs in 11 countries across 88 domains to perform 653 HTTP transactions. The main IP is 104.26.8.202, located in and belongs to CLOUDFLARENET, US. The main domain is grabify.link. The Cisco Umbrella rank of the primary domain is 720915.
TLS certificate: Issued by GTS CA 1P5 on December 11th 2023. Valid for: 3 months.
This is the only time grabify.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 104.26.8.202 13335 (CLOUDFLAR...)
11 193.108.153.23 20940 (AKAMAI-ASN1)
1 142.250.186.72 15169 (GOOGLE)
1 104.16.57.101 13335 (CLOUDFLAR...)
5 216.58.212.138 15169 (GOOGLE)
13 172.217.18.4 15169 (GOOGLE)
10 172.217.16.195 15169 (GOOGLE)
22 104.22.24.131 13335 (CLOUDFLAR...)
9 142.250.186.131 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
1 108.177.15.154 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
121 104.21.25.19 13335 (CLOUDFLAR...)
2 2 18.245.86.8 16509 (AMAZON-02)
3 143.204.215.88 16509 (AMAZON-02)
3 13.32.22.213 16509 (AMAZON-02)
29 142.250.184.226 15169 (GOOGLE)
1 99.86.4.71 16509 (AMAZON-02)
1 104.22.74.216 13335 (CLOUDFLAR...)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 104.26.3.70 13335 (CLOUDFLAR...)
7 142.250.186.38 15169 (GOOGLE)
2 104.16.85.20 13335 (CLOUDFLAR...)
1 65.9.66.122 16509 (AMAZON-02)
8 142.250.185.193 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
7 9 185.89.210.212 29990 (ASN-APPNEX)
13 52.210.29.170 16509 (AMAZON-02)
6 34.149.20.76 15169 (GOOGLE)
2 5 172.64.151.101 13335 (CLOUDFLAR...)
1 18.193.58.13 16509 (AMAZON-02)
6 5.196.111.65 16276 (OVH)
1 23.218.209.56 16625 (AKAMAI-AS)
1 216.52.2.86 32475 (SINGLEHOP...)
1 145.40.97.66 54825 (PACKET)
1 104.22.54.206 13335 (CLOUDFLAR...)
1 178.250.1.8 44788 (ASN-CRITE...)
1 52.222.239.116 16509 (AMAZON-02)
1 3 54.75.58.229 16509 (AMAZON-02)
1 14 216.58.212.130 15169 (GOOGLE)
26 172.217.18.6 15169 (GOOGLE)
63 142.250.186.162 15169 (GOOGLE)
35 142.250.186.33 15169 (GOOGLE)
14 142.250.185.66 15169 (GOOGLE)
1 18 67.220.228.201 16509 (AMAZON-02)
23 69 142.250.186.66 15169 (GOOGLE)
2 9 104.18.36.155 13335 (CLOUDFLAR...)
6 6 18.197.202.18 16509 (AMAZON-02)
1 1 35.214.144.54 15169 (GOOGLE)
1 1 95.101.196.17 16625 (AKAMAI-AS)
2 2 52.208.118.80 16509 (AMAZON-02)
3 52.46.143.56 16509 (AMAZON-02)
1 2 51.89.9.253 16276 (OVH)
3 3 35.214.168.80 15169 (GOOGLE)
3 3 64.202.112.95 23352 (SERVERCEN...)
2 6 35.244.159.8 15169 (GOOGLE)
3 3 91.134.110.132 16276 (OVH)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 141.95.98.64 16276 (OVH)
2 2 63.215.202.137 41041 (VCLK-EU-SE)
2 52.58.140.226 16509 (AMAZON-02)
2 2.18.96.187 16625 (AKAMAI-AS)
1 52.17.148.138 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
4 15.197.193.217 16509 (AMAZON-02)
2 2 54.81.187.36 14618 (AMAZON-AES)
3 178.250.1.9 44788 (ASN-CRITE...)
1 72.251.241.204 32475 (SINGLEHOP...)
7 8 37.157.6.243 198622 (ADFORM)
2 178.250.1.3 44788 (ASN-CRITE...)
2 4 185.64.190.78 62713 (AS-PUBMATIC)
4 4 46.228.174.117 56396 (AMOBEE)
3 5 46.228.164.11 56396 (AMOBEE)
3 54.154.107.3 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
2 142.250.185.170 15169 (GOOGLE)
1 1 216.200.232.253 30419 (MEDIAMATH...)
6 185.64.191.210 62713 (AS-PUBMATIC)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.210.103.224 16509 (AMAZON-02)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
1 2 99.80.24.194 16509 (AMAZON-02)
1 46.228.164.13 56396 (AMOBEE)
6 216.239.32.3 15169 (GOOGLE)
1 142.251.173.154 15169 (GOOGLE)
2 2 3.76.149.124 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 54.210.107.216 14618 (AMAZON-AES)
3 18.173.187.118 16509 (AMAZON-02)
10 54.201.118.64 16509 (AMAZON-02)
1 1 142.250.185.206 15169 (GOOGLE)
5 74.125.108.199 15169 (GOOGLE)
1 213.202.235.9 24961 (MYLOC-AS ...)
2 2 35.190.0.66 15169 (GOOGLE)
1 1 13.32.27.108 16509 (AMAZON-02)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 52.87.8.97 14618 (AMAZON-AES)
1 1 69.166.1.67 27630 (AS-XFERNET)
2 4 23.52.123.144 16625 (AKAMAI-AS)
1 1 151.101.2.49 54113 (FASTLY)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 185.98.54.153 39572 (ADVANCEDH...)
2 3 77.88.21.90 13238 (YANDEX)
2 198.47.127.20 62713 (AS-PUBMATIC)
2 99.84.88.50 16509 (AMAZON-02)
6 142.250.186.34 15169 (GOOGLE)
3 142.250.181.226 15169 (GOOGLE)
1 1 193.135.9.126 48314 (IP-PROJECTS)
1 1 193.135.9.134 48314 (IP-PROJECTS)
1 85.91.45.134 27381 (CASALE-MEDIA)
1 54.72.123.219 16509 (AMAZON-02)
2 2 91.228.74.244 16509 (AMAZON-02)
1 3 104.22.50.98 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 141.94.171.214 16276 (OVH)
1 2 34.240.111.87 16509 (AMAZON-02)
4 4 3.75.62.37 16509 (AMAZON-02)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
1 1 134.122.57.34 14061 (DIGITALOC...)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 1 193.108.153.12 20940 (AKAMAI-ASN1)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 52.197.237.41 ()
2 178.250.1.11 ()
1 172.67.38.66 ()
653 95
20    104.26.8.202 (None, )

ASN13335 (CLOUDFLARENET, US)
grabify.link
11    193.108.153.23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-23.deploy.static.akamaitechnologies.com
cdn.fuseplatform.net
1    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
1    104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f138.1e100.net
fonts.googleapis.com
13    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net
www.google.com
10    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
fonts.gstatic.com
22    104.22.24.131 (None, )

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
9    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.gstatic.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net
stats.g.doubleclick.net
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.ch
121    104.21.25.19 (None, )

ASN13335 (CLOUDFLARENET, US)
glookup.info
2    18.245.86.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-8.fra60.r.cloudfront.net
cmp.quantcast.com
3    143.204.215.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-88.fra53.r.cloudfront.net
cmp.inmobi.com
3    13.32.22.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-213.fra56.r.cloudfront.net
c.amazon-adsystem.com
29    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
7    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
2    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
8    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
9    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
13    52.210.29.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
g2.gumgum.com
6    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
5    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    18.193.58.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-58-13.eu-central-1.compute.amazonaws.com
tlx.3lift.com
6    5.196.111.65 (Lille, France)

ASN16276 (OVH, FR)
PTR: ip65.ip-5-196-111.eu
prg-apac.smartadserver.com
1    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
a.teads.tv
1    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    104.22.54.206 (None, )

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    52.222.239.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-116.fra56.r.cloudfront.net
aax.amazon-adsystem.com
3    54.75.58.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-58-229.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
14    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
googleads.g.doubleclick.net
26    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
s0.2mdn.net
63    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
35    142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net
tpc.googlesyndication.com
14    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googletagservices.com
18    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
69    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
9    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
6    18.197.202.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-202-18.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.214.144.54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 54.144.214.35.bc.googleusercontent.com
csync.loopme.me
1    95.101.196.17 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-196-17.deploy.static.akamaitechnologies.com
cs.media.net
2    52.208.118.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-118-80.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
3    35.214.168.80 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com
trace-eu.mediago.io
gtrace.mediago.io
3    64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
eu-u.openx.net
us-u.openx.net
3    91.134.110.132 (France)

ASN16276 (OVH, FR)
PTR: ip132.ip-91-134-110.eu
ssbsync.smartadserver.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
2    63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float1.dotomi.com
amazon-tam-match.dotomi.com
2    52.58.140.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-140-226.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2.18.96.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    52.17.148.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-148-138.eu-west-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    54.81.187.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-187-36.compute-1.amazonaws.com
i.liadm.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
8    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
5    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
3    54.154.107.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-107-3.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
imasdk.googleapis.com
1    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.210.103.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-103-224.eu-west-1.compute.amazonaws.com
a.audrte.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    99.80.24.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-24-194.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
6    216.239.32.3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    142.251.173.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wi-in-f154.1e100.net
bid.g.doubleclick.net
2    3.76.149.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-149-124.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    54.210.107.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-107-216.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    18.173.187.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-118.muc50.r.cloudfront.net
static.adsafeprotected.com
10    54.201.118.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-118-64.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
1    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
gcdn.2mdn.net
5    74.125.108.199 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s17-in-f7.1e100.net
r2---sn-1gi7znek.c.2mdn.net
1    213.202.235.9 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    13.32.27.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-108.fra56.r.cloudfront.net
s.ad.smaato.net
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    52.87.8.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-8-97.compute-1.amazonaws.com
google.partners.tremorhub.com
partners.tremorhub.com
1    69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com
sync.teads.tv
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    185.98.54.153 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
3    77.88.21.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    99.84.88.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-50.muc50.r.cloudfront.net
bucket.cdnwebcloud.com
6    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ade.googlesyndication.com
3    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
1    193.135.9.126 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    193.135.9.134 (Germany)

ASN48314 (IP-PROJECTS, DE)
cm.adsafety.net
1    85.91.45.134 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5220.casalemedia.com
1    54.72.123.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-123-219.eu-west-1.compute.amazonaws.com
neural33.cdnwebcloud.com
2    91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    104.22.50.98 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
2    34.240.111.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-111-87.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
4    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    193.108.153.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-12.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.197.237.41 (None, )

ASN- ()
cc.adingo.jp
2    178.250.1.11 (None, )

ASN- ()
gum.criteo.com
1    172.67.38.66 (None, )

ASN- ()
va.tawk.to
Apex Domain
Subdomains		 Transfer
124 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
ad.doubleclick.net — Cisco Umbrella Rank: 199
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
bid.g.doubleclick.net — Cisco Umbrella Rank: 1354
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
580 KB
121 glookup.info
glookup.info
52 KB
112 googlesyndication.com
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
ade.googlesyndication.com — Cisco Umbrella Rank: 360
649 KB
32 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
gcdn.2mdn.net — Cisco Umbrella Rank: 1773
r2---sn-1gi7znek.c.2mdn.net
2 MB
26 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
91 KB
25 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
847 KB
23 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 12757
va.tawk.to — Cisco Umbrella Rank: 12200
209 KB
20 grabify.link
grabify.link — Cisco Umbrella Rank: 720915
374 KB
16 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
image2.pubmatic.com — Cisco Umbrella Rank: 1555
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
image4.pubmatic.com — Cisco Umbrella Rank: 2201
29 KB
15 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1241
static.adsafeprotected.com — Cisco Umbrella Rank: 988
dt.adsafeprotected.com — Cisco Umbrella Rank: 933
192 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
a5220.casalemedia.com — Cisco Umbrella Rank: 615584
10 KB
14 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
908 KB
14 google.com
www.google.com — Cisco Umbrella Rank: 6
region1.analytics.google.com — Cisco Umbrella Rank: 2014
59 KB
13 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2297
16 KB
11 fuseplatform.net
cdn.fuseplatform.net — Cisco Umbrella Rank: 19203
157 KB
9 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 8672
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
12 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
secure.adnxs.com — Cisco Umbrella Rank: 793
15 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
dmp.adform.net — Cisco Umbrella Rank: 4001
5 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
imasdk.googleapis.com — Cisco Umbrella Rank: 639
138 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
2 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
d.turn.com — Cisco Umbrella Rank: 2160
r.turn.com — Cisco Umbrella Rank: 6381
3 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 1108
eu-u.openx.net — Cisco Umbrella Rank: 3669
us-u.openx.net — Cisco Umbrella Rank: 930
2 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
2 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 878
dis.criteo.com — Cisco Umbrella Rank: 943
gum.criteo.com
8 KB
6 33across.com
ssc.33across.com — Cisco Umbrella Rank: 6391
926 B
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1674
sync.teads.tv — Cisco Umbrella Rank: 2019
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3399
3 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
593 B
4 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 11303
ads.yieldmo.com — Cisco Umbrella Rank: 1057
3 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
13 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1738
api.btloader.com — Cisco Umbrella Rank: 1905
31 KB
4 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 4373
sync.inmobi.com — Cisco Umbrella Rank: 2616
46 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 4630
spl.zeotap.com — Cisco Umbrella Rank: 4422
1 KB
3 cdnwebcloud.com
bucket.cdnwebcloud.com — Cisco Umbrella Rank: 37363
neural33.cdnwebcloud.com — Cisco Umbrella Rank: 167143
8 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 4780
976 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
2 KB
3 mediago.io
trace-eu.mediago.io — Cisco Umbrella Rank: 20317
gtrace.mediago.io — Cisco Umbrella Rank: 6276
788 B
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
eb2.3lift.com — Cisco Umbrella Rank: 731
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7787
650 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3785
951 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1348
1 KB
2 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 31772
partners.tremorhub.com — Cisco Umbrella Rank: 2179
912 B
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8834
910 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22624
498 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
55 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
34 B
2 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 10805
668 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
582 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
41 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1774
1 KB
2 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 4731
1 KB
1 adingo.jp
cc.adingo.jp
44 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
615 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2641
1 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3435
550 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 17119
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 19705
823 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10841
288 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 65617
607 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
539 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
756 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1916
99 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
457 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11689
60 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
2 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2809
173 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
739 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
468 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2472
283 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
1 KB
1 media.net
cs.media.net — Cisco Umbrella Rank: 1972
672 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
239 B
1 connectad.io
i.connectad.io — Cisco Umbrella Rank: 9628
506 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
354 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
524 B
1 google.ch
www.google.ch — Cisco Umbrella Rank: 17844
408 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1429
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
83 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
653 88
Domain Requested by
121 glookup.info grabify.link
69 cm.g.doubleclick.net 23 redirects googleads.g.doubleclick.net
u.openx.net
sync-amz.ads.yieldmo.com
grabify.link
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
63 pagead2.googlesyndication.com grabify.link
tpc.googlesyndication.com
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
www.google.com
35 tpc.googlesyndication.com grabify.link
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
s0.2mdn.net
securepubads.g.doubleclick.net
29 securepubads.g.doubleclick.net cdn.fuseplatform.net
securepubads.g.doubleclick.net
grabify.link
www.googletagservices.com
26 s0.2mdn.net grabify.link
s0.2mdn.net
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
20 grabify.link grabify.link
static.cloudflareinsights.com
18 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
u.openx.net
sync-amz.ads.yieldmo.com
ads.pubmatic.com
18 embed.tawk.to grabify.link
embed.tawk.to
14 www.googletagservices.com grabify.link
securepubads.g.doubleclick.net
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
14 googleads.g.doubleclick.net 1 redirects grabify.link
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
pagead2.googlesyndication.com
13 g2.gumgum.com cdn.fuseplatform.net
13 www.google.com grabify.link
www.gstatic.com
www.google.com
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 cdn.fuseplatform.net grabify.link
cdn.fuseplatform.net
10 dt.adsafeprotected.com 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
grabify.link
10 fonts.gstatic.com fonts.googleapis.com
www.google.com
grabify.link
9 www.gstatic.com www.google.com
www.gstatic.com
8 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 c1.adform.net 6 redirects ads.pubmatic.com
7 ad.doubleclick.net grabify.link
6 ade.googlesyndication.com grabify.link
6 csi.gstatic.com imasdk.googleapis.com
6 x.bidswitch.net 6 redirects
6 prg-apac.smartadserver.com cdn.fuseplatform.net
6 ssc.33across.com cdn.fuseplatform.net
6 ib.adnxs.com 4 redirects cdn.fuseplatform.net
googleads.g.doubleclick.net
5 va.tawk.to grabify.link
5 r2---sn-1gi7znek.c.2mdn.net grabify.link
5 fonts.googleapis.com grabify.link
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
s0.2mdn.net
4 ups.analytics.yahoo.com 4 redirects
4 sync.teads.tv 2 redirects 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 a.audrte.com 3 redirects aax-eu.amazon-adsystem.com
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 match.adsrvr.org ssum-sec.casalemedia.com
u.openx.net
grabify.link
3 googleads4.g.doubleclick.net grabify.link
3 an.yandex.ru 2 redirects grabify.link
3 static.adsafeprotected.com 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
3 secure.adnxs.com 3 redirects
3 image2.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
3 simage2.pubmatic.com ads.pubmatic.com
aax-eu.amazon-adsystem.com
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 ad.turn.com 3 redirects
3 sync.1rx.io 3 redirects
3 us-u.openx.net 1 redirects u.openx.net
googleads.g.doubleclick.net
3 dis.criteo.com ssum-sec.casalemedia.com
ads.pubmatic.com
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
3 ssbsync.smartadserver.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 s.amazon-adsystem.com aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
3 api.btloader.com btloader.com
3 c.amazon-adsystem.com cdn.fuseplatform.net
c.amazon-adsystem.com
3 cmp.inmobi.com grabify.link
cmp.quantcast.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 d5p.de17a.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects grabify.link
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects grabify.link
2 mwzeom.zeotap.com grabify.link
2 cms.quantserve.com 2 redirects
2 bucket.cdnwebcloud.com s0.2mdn.net
bucket.cdnwebcloud.com
2 simage4.pubmatic.com ads.pubmatic.com
2 ads.travelaudience.com 2 redirects
2 r.turn.com 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
2 gtrace.mediago.io 2 redirects
2 pm.w55c.net 2 redirects
2 fw.adsafeprotected.com 1 redirects 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
2 um.simpli.fi 1 redirects aax-eu.amazon-adsystem.com
2 cr.frontend.weborama.fr 1 redirects aax-eu.amazon-adsystem.com
2 sync.crwdcntrl.net 1 redirects aax-eu.amazon-adsystem.com
2 imasdk.googleapis.com 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
2 pixel.tapad.com 1 redirects sync-amz.ads.yieldmo.com
2 static.criteo.net cdn.fuseplatform.net
static.criteo.net
2 i.liadm.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ads.pubmatic.com aax-eu.amazon-adsystem.com
2 match.sharethrough.com aax-eu.amazon-adsystem.com
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
2 amazon-tam-match.dotomi.com 2 redirects
2 u.openx.net 1 redirects aax-eu.amazon-adsystem.com
2 ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
2 onetag-sys.com 1 redirects aax-eu.amazon-adsystem.com
2 match.prod.bidr.io 2 redirects
2 cdn.jsdelivr.net cdn.fuseplatform.net
embed.tawk.to
2 ad-delivery.net grabify.link
2 cmp.quantcast.com 2 redirects
1 cc.adingo.jp 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 analytics.pangle-ads.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 s.tribalfusion.com grabify.link
1 a.tribalfusion.com 1 redirects
1 image4.pubmatic.com grabify.link
1 spl.zeotap.com 1 redirects
1 neural33.cdnwebcloud.com grabify.link
1 partners.tremorhub.com googleads.g.doubleclick.net
1 a5220.casalemedia.com grabify.link
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 s.uuidksinc.net 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 sync.taboola.com grabify.link
1 s.ad.smaato.net 1 redirects
1 m.exactag.com 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 tr.blismedia.com 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 d.turn.com googleads.g.doubleclick.net
1 dmp.adform.net 1 redirects
1 sync.mathtag.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 eu-u.openx.net u.openx.net
1 cm.adgrx.com ssum-sec.casalemedia.com
1 sync-amz.ads.yieldmo.com aax-eu.amazon-adsystem.com
1 id5-sync.com aax-eu.amazon-adsystem.com
1 sync.inmobi.com 1 redirects
1 trace-eu.mediago.io 1 redirects
1 cs.media.net 1 redirects
1 csync.loopme.me 1 redirects
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 bidder.criteo.com cdn.fuseplatform.net
1 i.connectad.io cdn.fuseplatform.net
1 prebid.a-mo.net cdn.fuseplatform.net
1 ap.lijit.com cdn.fuseplatform.net
1 a.teads.tv cdn.fuseplatform.net
1 tlx.3lift.com cdn.fuseplatform.net
1 htlb.casalemedia.com cdn.fuseplatform.net
1 hbopenbid.pubmatic.com cdn.fuseplatform.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 btloader.com cdn.fuseplatform.net
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.google.ch grabify.link
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 static.cloudflareinsights.com grabify.link
1 www.googletagmanager.com grabify.link
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
0 cs.chocolateplatform.com Failed 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
653 141

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
temp-sms.org
join-shortest.com
adf.ly
bc.vc
ouo.io
adfoc.us
twitter.com
Subject Issuer Validity Valid
grabify.link
GTS CA 1P5		 2023-12-11 -
2024-03-10		 3 months crt.sh
cdn.fuseplatform.net
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
btloader.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-12-25 -
2024-03-24		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2023-03-16 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-03 -
2024-05-03		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-12		 2 months crt.sh
*.cdnwebcloud.com
Amazon RSA 2048 M03		 2023-08-23 -
2024-09-21		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2023-09-13 -
2024-10-12		 a year crt.sh

This page contains 72 frames:

Primary Page: https://grabify.link/track/41AL59
Frame ID: FD59935EC1846E8E68AC770915CF7830
Requests: 252 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES&co=aHR0cHM6Ly9ncmFiaWZ5Lmxpbms6NDQz&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t9ds6043gchs
Frame ID: BFECEF08333ABDE39586D26DAEE9E25D
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES
Frame ID: BDEF35C750E13492F5A9A458BFF9FEB4
Requests: 10 HTTP requests in this frame

Frame: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1903726FECF5CED865CFCB23FB6A1423
Requests: 1 HTTP requests in this frame

Frame: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 78317BDC511EE98B224AF79AA2A7C742
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYnqCDggIwAQ&v=APEucNU-5JV44__99TujYmrn13UF7xHyLjslsBxyLpx4o9P5PFy5KeOxHfYvoP0tqLDkW3blueirs4-mCXktXA08e8BuK9sR9JGv5chmXFjpLPqzrHziJp0
Frame ID: 388554457177F1225932CBB33C43DF0E
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: B41B92E86968E0DA8F97A08B917D8138
Requests: 8 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Frame ID: 34CFF4121529045A4B3DC76A6317E576
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9991CF07D6AE91C42696947AAFF21555
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
Frame ID: 9C370EBAE00DE5F42E79C6EBDD58D27A
Requests: 11 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 7DE4D262880517475565D363C3B9FC27
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: EDDF4F76F7574D44BB06B75685E0F7BC
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: F171B0E6888C685442245EF61E2B0E9C
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3921665730064509669&gdpr=0&gdpr_consent=
Frame ID: F90080DF60DBF8191609AD8869C7BFF8
Requests: 1 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
Frame ID: AB354D391FBF7D0607F4635A023B3D4B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAI6N5SHqch3QMLUKCYAAAAAAA&expiration=1705002899&is_secure=true&gdpr=0
Frame ID: A4EEEFE67A2DF03A085A9DB7ED96BECF
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: AD01B609E6D89FB6FBD4F855F9DC4CEB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 48D83432FD3D520CBA7D628B3AE2C8B0
Requests: 19 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: E8A1E2E8FEE952B813C24F288ABE06FF
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=4261276730387416164&ex=appnexus.com&gdpr=0
Frame ID: 94446986D9030DAA111FB38ABADAC146
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4049355094611287000656
Frame ID: 30368860BDC8B9EBADB2993EE83EE201
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutBWR0SSmYWl89d9M61TW4cpCjJl6FOzaSBS8EzCfHsUyX-gHAyo0ZIt0t9IhxdoFPYKkHzzPqy3OWHDu5VtXF1dLMIu2GD1-5aF4DPFqgTutaD_3krUAZ13a4JHnfS6mNWoACRNFeVLSLx4qw5qgXDyC8wG7CtkiHl4jzzsDQhvNPW4QuaxQvMbXMu0ho9R8TxDsYid7sEm3J_cgd7vFQLkHB6RxeDF0GzfF8u43fM5E0kj8Aje4n8D7PMc2yQ21YwvZlZ0eheLTNB8wfpJSqzhwX8XtqeGZX9PNkse9XId14rAdBPWGorxtNhZk-GLGDVtwqSTci8Ww7K2tbsIaGbjG_cCwXElXn8PMTQtOYa34GOYwEYAsztqlLOw&sai=AMfl-YRW4ZrBsWvRv91Sg6dpX0LTN8byZ87sBjBRNR2vM1zwq8NXnOikHioq0zqHhX2A0PKa80WX0IsGx8QRgX32nI8OQDYILHKZrIHcC0-uqXPxHGTJxiOKeMqnnZiiLg&sig=Cg0ArKJSzC7-lj4mhgQNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 5D53A9AA1FAECE332AF66BD6F443EB9F
Requests: 4 HTTP requests in this frame

Frame: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5C27DE8301A52B8FA5B3318F940CC86
Requests: 42 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut865npvusRntFLC7bED4gmaRcHSh-rtTlF-J4U4xes9iKJUft2l6Dc9RBGo3IezmEygMs6zGc6ranKd4qT6ZGf-EW9stM7M8651YIqpIuqwd_-neOociq3pvalzCg7fEmqi8o4Bo8Fxz39T6eXsahvo8mKMUlp5Dr6mYJ9QSb1C1Pqw7yDT7cUONe83e1nBVUennJe1lPch2BqRovc3-EBpDtBvjmYGLPBnCx9eoZ9eCRlfukb3SufFKbfEc_twW9muK9Rfhf-LjSoDfHZlC5DQEv6jWzpI9frOJac2JuiUBWoQ11kDuTe_O69E4Rs-vYVJWeFG9DUme_CKq71Mb2EeIXDBmlqGaSvS-jA1XcG28kjuOj0eRcbWJgvg&sai=AMfl-YRkgLPNF8s52NLcf-CuMGvolorBSdhPqomaDbszmCe6cNhvWAqkSKvfd20vI6BtVevWUnUzRqJe6V96A_RgUFMHVh8yNd7m6Prdinkev5l3GA_nSTAoq_Ae7pHRUw&sig=Cg0ArKJSzDmf6zPBhVUnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 452A25CCE10BEC0754AC7B929F9A77B9
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiKuPevIlxTIDHnLLHeo9VbWkzqHhIFHQEM3n_nePjKiVsX8V6zORRcFiBuAUwqlI1gi0dVGaU2_EwVqJk-_q6JCQ7NYs-Z1A7_dUAaYQSeJStdwPQEGDPLqmdi4lhPWVas60-0jxRXMvyjSbfTHUX7lV91_r2axTUOfp_otiqPei7_Lwpa_xVw40YuBZ3HHa3sK3Twuf366tzDxqWHIwd8jlNzaF_oPBPckw7js8jl-PB-nnXYdkhUHl2ZFGSktctkCYjzeMH4K87KHLnpDLM1RJqGbHrn0wuaSl-Y_mNJl0it3qTmYHv8y6KoOBvYKf-wmedVJ-XhwWun8FhJ7yyUng4jhui_nRHBFU9IWI29e0GzCxBUkHpET339FTtj690&sai=AMfl-YQBoUoFQEjo2q_3j5t_LKO3L8LaVH9nxjOfJZJdnyqb8iIsfCGvc1HRJHUdwrywX5F4Qs-1zQ2Kuk61uSE1NPcGKD3MZZkLTUdFS8EjsXLIOb8uePOW9IEIgU-9OA&sig=Cg0ArKJSzP4WK6zEcs-DEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C6B4D762A6B13CF59F9F69DF368B32F1
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUaRZP36CNZk5QAn_2ablnMgA3X2dppeOcHcJ1tGa5cbgsZyIuEV_aP4BTkFSFSvbzgbvTrf6SNqV9CbOyc97-S7EMLqcPkOHNGku4FDFqVklrubsQgFaRWsK3NGm_XaL1jf84DYzAZb_knHq9GcPh76DKreul8QXdc05hVCYWmA02nKZmcm3YpWXy8hxjOnVT2V497Nfhj3q_aAzW65Ejs0dCW5ccFlsC-dQAA3nWWV3Yvpt7zJm55a1L0EAe5djBN-DUZqlJDI0fy1WXdnAl1OCop6fHIA_ULiuFu9hMrcrIeKWT3vohl50JRAI9VZTUEA311ltFgK0VrcAmg2sezGcSQ5OprSPrNKNUf_axrVFC3LXpZ39JC8Mo0pzh-AM3lHva8Ifeye9XJYZg&sai=AMfl-YTXAWQf-d8diGyJ0PVUOYSulArrOVBnoSZN5vBv9W5LK_6b7YtWF0xlo7mgIojA0aZYG1GS3oloWiDaD1chfb6YcoXBoNN2cctbpzAa_haoO9xkuBC04HaE1V8Qgg&sig=Cg0ArKJSzBu1NckqaMpnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 197B76FAB77148E10C83A2FF58C3005D
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjQWBLfxijwdfAW39J6sDAZdneY7Bxu4Z3-GaiP1PsPS6PMbt7L7tIApKTc1bW2VNLmoLZsPllLtTjLXJWc0iPSoq9R7bBt3Mbx-SK8os9d_Am73F2HXOvOZ50VoU3ILjq01Uuo2ldY68Dno_0EIi2YJRLJbAWvooZHno3TjTOKrtuzYlQqKIutS49VDBoQXJb48-aZT8NkI4pNzUNN7w4ndbToHMsAbhBJ1W1_U4q_8ZKPXyYUFnUfY-LR_FZI1gnOXkznxJyhCUvCLuiWwU8V5urkELzift5t-sMeXA0DqcujtNTDKMLCPZ4QoJXqNQv3YWus7dIy9q3PtPJy_bYgMonRizL30Za12Pg3GVS9La2GJ2B9Cj1byVbDjtlpe1h&sai=AMfl-YQz6ok6gLnNJ9hs2lbasPz46vM_lOD6m5dcTjiNj96phVEaeHgWuQbYCIeZfsCn4TYxki_oJxFFOnwSZi5kClePa7fQvjxfvca8JNiawqvJugGFTdBvzmT6qrtjVA&sig=Cg0ArKJSzDoeFhwjd1mjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 7E3F959C13D4BCF8C87121F503A4C478
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:77ae659e-f614-4b00-b80e-c5e00b9cdb8d&gdpr=0&gdpr_consent=
Frame ID: 2A9BD4017D4CB02195F2A78D2490DFD7
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 72630AB80E50271439A388AFCEED4210
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID9751CC68-3D62-4259-91DE-A54BCBD0BACD
Frame ID: 3FD92704ECD10A9A124A1795042CD783
Requests: 1 HTTP requests in this frame

Frame: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 48406DB2C2DFF1BC126A8DDD41651D50
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYrYKr7gEwAQ&v=APEucNV48SD25f29WAMTfjOeRYpn1DtqVa782PlHq3H7M9KD9fGa0uMdQrkpYpiRtsUvVnteO1ATif_ImP9xakJoVszOctWtJMReYATskgInGGgUq0px4OA
Frame ID: E78EAC2943E551F7974AD164AF4FDE7E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGOvJgBIWauxKOAZ6WxplmOnptz9Vf7_msj3erPuHveZllOB4sfUrXOPc9TxWUQZ-yCV_cZuynD9jNs6XPgRjDoUpmFXRz2bGEJy6yzxkYNFaQRnWCx8lAKhXw07FfQdTdpBgxgpH7e2wncGU4mhlsmQqkFYkDnLZSjFtbVgn8Xf70mSZlkGOVMLdyGN0ZnzBi9nTiXRInQyZEIYbc9UyVxv4q4rzUCPyWsVrPc_u8RXDG_fdpHrMyynjoXIEkbv1Vxw_noxtj6fqDHJM2TwzT1b5hWpgvm5mAWSfwMoRJ46QQmIWvOiBC3lPzDjn7jTtCBEky62uge3N2ILEEKIgwo72-cKWC1BdFYl0jv_hRzYHzkmhoW2fiNseyee4GwldTAxnF8rKqDjGb-XtE&sai=AMfl-YRBRhGjr2umTM6Liys23-w2pbDcYQATNLs4mdowiWIFhbLDeONgVWzR3Fnmtytc8j4pepfBJc8dhghEHPmg5ZuhJn2qI1f5v0E7nzMD0wW_kL-kj9ehW0Xl7BA3eg&sig=Cg0ArKJSzFmnMFTxvCB5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E758C1416E54EDF3DE06B3F7B5EC06B6
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D89E875483780833BB29CB0DA2597E13
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CA9895EC6360EFD7F5212580749681E2
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 168A1906221381D3842F3BC38841F7DF
Requests: 1 HTTP requests in this frame

Frame: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75569AEBBCF19F3D550066B693E3F2E6
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3C574C574CB7A5527F4DA1A022D3B71F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhis2oTdATAB&v=APEucNVrTDM9fCBZeslxIjjQQU24ngdAQAYakr_oyQXCVwxhZkqf4eVYH0HNUPd-5SlUEjDt6K3k9gREjnH8Qcwk-fJWET09usZnoiBZBWxV-Q_WprMiLaA
Frame ID: 7EF633CB8595DA3649F63BD862BD49BC
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 09B96E51593540120DDD9FD1BE6AD81E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 89B88A179396C32EFBA8ED4B3BE13B1D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: 2CBE85A20B273022C4461AB1C018015A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJqeF9_E9nuCKmUu_i04H72AUGfW1q6jg1BI4Fnh7yz4Kj2SUV077zQiDs2JGy_k6XrX2tiWNinJbWjSJ0zo-7kZOvqoChWEcNzId1y-HbS1j1pNwczZ6JYJ4NspqmAZVi3njtMlEnNWVzsVBrT7v4JxnGbPSgkqCLvaA_t42RDJKYDD9MsJCdjtuHwVxqoJdb7zpTTS41Me68FNwedNPwL3E5Zt4DiGepXtuaTA-ALcFaGyLb2_A50aGXx6y0gv_olZJwAtFQwmyBe8uNf8BJY7nMOIEpUd0nKaWuutlYV_nuxVVvSxIvf6IvavJ90Fx-q_1DtLMH6MO3ZwQLMi1_q7FIc4I1qH7hmIhhqgFrojgZopSW1JRnabnTiVu1OhaQ&sai=AMfl-YRVZNtDvL8McHLbeMPm4tByoH7u5bNwi2jAfwcxUvP7bLq850GGhd3TPyHBezGVVubaPV8qFsz7jJeUiLG4iEG14nRS7M3WqxYFLoi_DPJLxV6n1Hmb-N3JPXthRA&sig=Cg0ArKJSzHxsxseQvFjwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 940BC5FA183F89A1895D95278F0313F5
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15246FFA67341BAEC24791F5C680E1A7
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvexJPBMZoUAXVK4wjLRm6P2u7hC7ZyiipKWNl8wzQSB1NufAw7qJXhFlCAjcaGVSzzr2N16iezTFsqkqL2-2plvs4W3fH3oNg-oyfyBdnmDGSh0fLpR9c8Vhp9vouU_dMc6GSC-Xsj64DMHgXi81DbF2bDUGJGwpsE-ELTGt2c0sUxnsvGn5lmABvF6LKPWoFcDKVImCiuWUGe29uohXF0dP_cGsVLokNYBbyqARCXhfYHMGnTpIcIyHBDBcRiLlF_d8N459JICjL5_U_ByAHITW6wfyZd5USd80wlyUGiA3uiAJ29tueG8-UFTqPwk49QQr608eca7Mu8kRuPbTBx-nuvfb2Cl9zYQW39iMBRMlI95aOQ9s9zN9GoiDqZyBhY&sai=AMfl-YSD_tVr4qNOGtjsP7BNuMEaGqfAHtfTuul_JJfuBtQHpSK3lYKh22midSgdmX3Ecb8EVtrGrslF_UYTY8ppIocrX73klnVTrb4WXw7l9LwCUXFzuWEX72H9pPYgsA&sig=Cg0ArKJSzHwtRElm9upKEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 7E9377035CAA5D7460194CA74238FBF2
Requests: 4 HTTP requests in this frame

Frame: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9E9F7DA1FA9DC632ECF83EB076BAF994
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGOjps_wBMAE&v=APEucNXQ6B3_hdzFFbL0m_0saWutIJ9fEoPfixUUvplDiErbXMXx2VnWC6Jwg68qxKVnNaMMrLdlL2X4fO4Ed2Eds0eY8QkV1K15yc507pIM-ty5EqogAgo
Frame ID: 525C354E3858E61F90CFDD1595B0C491
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C1A854EB10DCCAD11623CA932A0A6379
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6EF11A097D8B7660B51AB56AFA7E0732
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7807502787547214445/index.html?e=69&leftOffset=0&topOffset=0&c=p9UIehZy9I&t=1&renderingType=2&ev=01_250
Frame ID: B8066C2025BF9EDF4DC59B69F0CC12ED
Requests: 8 HTTP requests in this frame

Frame: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D760AF48D249C38E5204FE09077C2618
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDpvwEQ1Z7BARjhy6_9ATAB&v=APEucNW6rbkdNLJCf215TuZ3gx7lmLC27K4aYEM8_pr3FMFhzH2Flc3RgSWHdMQK2eskGhd1WL0SqWUBJdPKp1OTeqbxXuAf_RAgNn9TOT0vZrA4y7WwvQQ
Frame ID: 6B817E86D484DFD3F13947ED31E1FF2B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: 8AA747762BCA96503B2DF4AB3CD0B34F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=9751CC68-3D62-4259-91DE-A54BCBD0BACD&gdpr=0&gdpr_consent=
Frame ID: 12955BE369E7C25E87B3342A1106EDAA
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9751CC68-3D62-4259-91DE-A54BCBD0BACD&redir=true&gdpr=0&gdpr_consent=
Frame ID: 5C04D11B3A3D587351FF23C1007DF4E0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=odgEb_HbDD263V8-oNgQOqHZDTO6jAU9oNV2Sg3k
Frame ID: FBB3ED03426AA59B3A1CECAE01D6DACC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4261276730387416164&gdpr=0&gdpr_consent=
Frame ID: 4197D7091D10AC0E5121544BA200F9A2
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID9751CC68-3D62-4259-91DE-A54BCBD0BACD
Frame ID: 3C07416A21C29DF2789B82093F744740
Requests: 1 HTTP requests in this frame

Frame: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3B5E159E85D9B36854A7A5A0E3F011C6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISfMxDJgrgCGOiqgfQBMAE&v=APEucNVfDMkfoG1IGIKGPcYNSnk1WDFBN1OogvhX12Jvw84rIOYA-Lx10KxZZL6yuYHKPwi6x707x6XzqyFK7J1IFrBDXIo_HWDZDXnf4k1n4idXc-Jd2VY
Frame ID: 8EEAD8532942BDE8C9AF050C64C758C0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0481D55785CCBC75901213AE513F9BF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 76E1BFECA9B82D01124CF7CC42088706
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 91B502C400D0BAFC0C8AFA1FCFC1CEB8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8E44144B841F956557CB6CB417B5DD54
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
Frame ID: 356B0834E7F9844C7F23EEB0D4B377DF
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=grabify.link&gdpr=0&gdpr_consent=
Frame ID: B62C2A947F455D6030D704965526EAD9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: EA925A48C2265C0459C245A0FFF2AC35
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF9EEC9663CEDA62C0F1FB7A19A8EC41
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BBA884A85F9D55904C567C2D89C7CF50
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css
Frame ID: 51A3B3589099E5EED3CA0A2889F5AF1F
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css
Frame ID: CB923434F98BF7C41EFECB6AC057C87B
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css
Frame ID: 6958AC5BFF8E29AB54D27849130E5ABD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tracking - Grabify IP Logger & URL Shortener

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

653
Requests

86 %
HTTPS

0 %
IPv6

88
Domains

141
Subdomains

95
IPs

11
Countries

7074 kB
Transfer

20774 kB
Size

139
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2 HTTP 301
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
Request Chain 62
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2 HTTP 301
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
Request Chain 197
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1&gdpr=0
Request Chain 241
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ72EsTdxh8P9zeyMg-eQQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1
Request Chain 256
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=d07a02e7-9f11-4152-8204-dc68e15622a5
Request Chain 257
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=0e954c6d-461c-472e-8a13-cc56d92f0cb8&gdpr=0
Request Chain 258
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3479180990041155000V10
Request Chain 259
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAGJmE7LPewAABRdza0NvA&ex=beeswax.com
Request Chain 261
  • https://trace-eu.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=acc8ce73d32b85952sopae00lr879hu9
Request Chain 262
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=&gdpr=0
Request Chain 264
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Request Chain 265
  • https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3921665730064509669&gdpr=0&gdpr_consent=
Request Chain 266
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
Request Chain 267
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=23b27d5e64461914&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAI6N5SHqch3QMLUKCYAAAAAAA&expiration=1705002899&is_secure=true&gdpr=0
Request Chain 271
  • https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=4261276730387416164&ex=appnexus.com&gdpr=0
Request Chain 272
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4049355094611287000656
Request Chain 275
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZ72EsTdxh8P9zeyMg-eQQAA%263265&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZ72EsTdxh8P9zeyMg-eQQAA%263265&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c914b96a9739471c9dcad52fb923f4d5 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 276
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZ72EsTdxh8P9zeyMg-eQQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZ72EsTdxh8P9zeyMg_eQQAADMEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO5e9Hg8ylhtXp_HH6bY094&google_cver=1
Request Chain 280
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3921665730064509669&gdpr=0&gdpr_consent=
Request Chain 281
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9137344626810906505&expiration=1706126099
Request Chain 285
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=115945671295295080
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4iyt9GmkTGwd4pZtUWkHY&google_cver=1
Request Chain 292
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1704916499140 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=361156704 HTTP 302
  • https://sync.1rx.io/usersync/turn/2438663765918997326?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b027dcad-66b8-4dc9-a441-6a22d91889db-003?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-b027dcad-66b8-4dc9-a441-6a22d91889db-003 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-b027dcad-66b8-4dc9-a441-6a22d91889db-003
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEK65Vl0BNgWrVmzJZM8UmFE&google_cver=1
Request Chain 294
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=VEe9R__OOM_ie1BGpKdl HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=VEe9R__OOM_ie1BGpKdl
Request Chain 296
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=4261276730387416164&pn_id=an
Request Chain 320
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:77ae659e-f614-4b00-b80e-c5e00b9cdb8d&gdpr=0&gdpr_consent=
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 325
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1498019956
Request Chain 326
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9751CC68-3D62-4259-91DE-A54BCBD0BACD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZzU4UVNjVnlLb25SeGFsU0w3OVJrQWZPUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=9137344626810906505&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTc1MUNDNjgtM0Q2Mi00MjU5LTkxREUtQTU0QkNCRDBCQUNE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENCEFfG27TrPusuOSXqLCKU&google_cver=1
Request Chain 330
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9137344626810906505
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm&gdpr=0 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESEA22wnN31nJwskI05Jcm7no&google_cver=1
Request Chain 373
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENl2-9c1Pc-qp7FQUzH6GdA&google_cver=1&google_push=AXcoOmTqbHW9Br-jGL-Obzg2UG4qScVeQQCvUET8C-LGaqMba0hVLdV-yb5tblnEwZ7YjT-Xo8CNVzj0mhU0EnLIr70hHh9WhhoUnw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENl2-9c1Pc-qp7FQUzH6GdA&google_cver=1&google_push=AXcoOmTqbHW9Br-jGL-Obzg2UG4qScVeQQCvUET8C-LGaqMba0hVLdV-yb5tblnEwZ7YjT-Xo8CNVzj0mhU0EnLIr70hHh9WhhoUnw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d2toaUljRzgxUm5FRmU1&google_gid=CAESENl2-9c1Pc-qp7FQUzH6GdA&google_cver=1&google_push=AXcoOmTqbHW9Br-jGL-Obzg2UG4qScVeQQCvUET8C-LGaqMba0hVLdV-yb5tblnEwZ7YjT-Xo8CNVzj0mhU0EnLIr70hHh9WhhoUnw
Request Chain 375
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEZCpBWryBBafwLzKWwS9yA&google_cver=1&google_push=AXcoOmRxRGgdnc6mnn6twulCbC10oNdYupTg9ujdL8UAaJH8tWnV532ld8KIce-oEz9c4xESOtX1OQALsFxTqQkgFbx0Fe1P3H3r HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=R1ZeHZY8R9liBy47F1jT9w&google_push=AXcoOmRxRGgdnc6mnn6twulCbC10oNdYupTg9ujdL8UAaJH8tWnV532ld8KIce-oEz9c4xESOtX1OQALsFxTqQkgFbx0Fe1P3H3r
Request Chain 377
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEFTZJ6d7d51vFPH6QmuyLvY&google_cver=1&google_push=AXcoOmT1evapXSicu6-dWL46pi8cREf2jg0Z0-cNegzDKm7zpZmWgDx2BP5Tyt-e8_mgMAi0SKBsAOvdzb4Sla2gQa6hbEL5m0I4IQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT1evapXSicu6-dWL46pi8cREf2jg0Z0-cNegzDKm7zpZmWgDx2BP5Tyt-e8_mgMAi0SKBsAOvdzb4Sla2gQa6hbEL5m0I4IQ&google_hm=acc8ce73d32b85952sopae00lr879hu9
Request Chain 378
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTYyRdDAWtr-5eXAa2F5yBVvoV6bgeyWw1OYDAAKM1jr3M3l8IXTiejf7sfsTJ9IE72CKQuERqMLCfA4d7uKQ9DY0H-DPrg0ts HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTYyRdDAWtr-5eXAa2F5yBVvoV6bgeyWw1OYDAAKM1jr3M3l8IXTiejf7sfsTJ9IE72CKQuERqMLCfA4d7uKQ9DY0H-DPrg0ts
Request Chain 379
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJCrdcGItWjNyAvBvDko1c0&google_cver=1&google_push=AXcoOmRKozkFLO-UEDe5z9_9wXG-gYplpCYOgOOoH1Vru6HUC4eLKr2-VyrxGZYJM3LjlGJezFi_GaMHUuy_kHP9s1Wk7s97Ujzvkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d07a02e7-9f11-4152-8204-dc68e15622a5&%%GOOGLE_PUSH_PAIR%%
Request Chain 384
  • https://fw.adsafeprotected.com/rfw/bgd/1525570/72171815/xbbe/creative/adj?p=APEucNUppgYGcrjksNsWH1PmNUnO_RFmLxZexljVxae1g9KEsjW8MAs&d=CokBAKAmf-DmetImTTZMfMqU-SThJcDKuncq5uMMKXX1eSc181sPh8nBf3NqfFW3q9Zq6QpYAtQFj91EDrVdNFEQ9HEyGHmvMaEVtAFx9mSgd_Vh2SNZkX0Ykj-IQzQhPsjCsQXaQ1y1_mX25UEj4dRhCP9DA2phmw6T9b46C317qnSDdvOAqQVF6R8SmRUAoCZ_4N8HUCJA4cAZlEt5MgFv-8kHtqoisoBYPeDLcdqIl0OeyuXyY2-uUXOvIFgeo3s379KqzNL-uCOKDH3zxliBF3powr27qLvG99lTNJc3Pl87iPEfiDEGllBHCWwXNjo9-RjyF5Z4BtEnCMG1--sDoigjVZ9j_HK565dgCcwvReKjv3NMTuKeTq7skLGSe5EyaFFl-_uS7CNqTgObSf5rRtPYmiD3o-q9eTevq96AhKNvxiRy89Tl2PMFmYFs55PNHrNtNx7oVqmWgJgP8J9-ybQowIzLqBZbhHC0XvnjcbQkH8XxGJO3qBXSXnKi5BuTjE2jMTCldo51myVoDWLk0BBeMaTkUN6KroNjbSO-mVM0e70ur7aUQ7DgaR2vjJt0PlTvaM37IvGZ8_N6IWeX9A_NbIRyrlmt6gmyuicJpSOuZwnxArpcslXhbUj0odHDlTJc5B9AERxNnOc3OlYVE7hKQ02QvSIqwdSDv7_K8vPtbNaLCY-OzxHfxl8gSbdX5CAn1CEAYkO59rM6IJSpEW5F3yfUYSmeMOhP80iT9uVp4_PJbaUYXpFiBuXqH94Q7Tj9OD2uGigBUTDY_0GnAPJmEAVsMVaFMz0ntflnKWuBDOG-3RS13YI02SwPL8AFk48i3Fu2tN6j98bEej_BQeCeV2CJC5k9M6efzx2QDkkizi-QWn5z8GR42J98f8vA_4GIib9QeeV4JQ_Qs8zq_Z1Nvh1Z47MD1I0rOaszC4yedLJE9Ky-cHB-gFHGWUpI7DZrQYVKvroVQaI5FcaG3Lk640Tg6rrKsOYvtXSxhLZFxUCSKLxB1x04Ps_mZNqqi1h6uZyBEcQ_LvEAlYe-HM-WG4r0E5AfZDfU6yjGqJgSDT6op6Cp9UKsjpK02lsqryUt4LNHSL3akSSBPgrXWwnLJ5GtG0rblye5QCMk3e6C_PAll9-d46C-EdKlSSEQAUJ_g3lw3kIqSptjP2lnp-1WgWqzilRzEecoTJTdHgYDIyOMDnTtN4n1zkvDSCULTcY0tedGA5lVONCpW2YaQBcsPzRyuNdaYxL5JyfjVcDA3dgt_JXexvrOsr7p5-CYL-7ggo00oZ9IMF4ZJsQwkuMWAplgE2oyZo_mtxthJyd7KXvaOgpyYgcBdaefYpUipHux_BxnyUk4eAy_z0-jEENDDPYib-bs0jDFgoAOE0gO6nUtyC6LbIkRdvo57M28XegGNTFRWbbeUP3zGpB_CWVBI7nn2Fx1tYV0FfzcIIBZaJGyIW-MqKj3xHoBdMyjcRDyoBtrGJVkHNlwU4YZn_BWWwYxOsUu6j6fq_8WNSMFSJVN4mzg-yj2ZiNnWAZmSzAyjXGKmeEyZvQNPjZz2WIVyT2xPy5j1D-xWsq723S509CTNHLJU06S0BTnotDmGDcY3ryZOQox5HgiFzZoJ3OrFPBHrPm_prYYLajo5-qwCLKzzDR-Ax-ltGK-ieMSbvy58XHMwmmVztuFyEpwohQAwSgNqQ2QVXH2JXxBzaUqKjxaw4BuvzK11WC9c8Rrd61hrUcObhIhBrojGwc9ylDlFxhX8vVei3qR7T2Irf3-6ut4RLW4uYzS_o0tunjLuBLnC_giSCyhsFrDfQIsSbHgeP12IipQfRpg37v-ToIvoobuncMwx-WpE-a7CeEkw4xHbezBTu5Z5BrJGK4GLerXjWcG1ytzq0dX4I2uSRAVgdqBuLiFAqBOpHlbtXuF8CkUZumcsbwkAsgOtyq-4enfyOApli9ZOlqlQGVa7j8RixkZ_MFA0esyRx6b_U7WXmA759AMSdlkFBhVAXFYBIditZDXFUYhBQDmsHwkV21BXPXRCk6UEIuTwv22RYjAzww_rbz1Jy8q_eJhiAuCRHnjoI0aO38TEn4QUUTNWb6Hr7GfXP5qLnRel_nQp0pJkt0-I2_JfAa_8H33iuI6sKAA6-duZWijbOWGydxEsyF8_6jhzzNfXtpZxxl2GS7KjERde-DWw-Q2xlt8mHj78nEhIHS7D77z_c1K5-FkWEJoGadE_QdH_zIJ0erVvwrfWOG8vuS7_o1x5HQPYTNG0Wh9BfuRSdU4ZkhQ-mR17f-FdhayAoRVCme4yh0QRNVZlXd6SQRVn5E7-LvJezWgl-fwPHz0aN60pWT4uURqzuS4FEHO9pc--A4Mh09g_ISdL4gCRtPTeDwEqBX-iIdfAwYC66gwWsoEjwWiVlGOoT_7zOwz9fmRyO6j4MLUJeavRxbTwBRYrWLUwcRQTREJSiOUnIn-UCv3WUndnwYEOAlays8JLDD5-j9M_3xSYskA4UWmKGPs8fZS-fff3UbamEIIRIXp4kpXfAeby0evAdaIZF7gdgkviLBqhC4DH73HTGP6qfYmX_tvMD5SdhCLjPa6Keh5OiaWtsW8pFby8zX0vaeCzW7t1jksvswAsWCQjJvnvIYPhwFtzsxbv48AC1BjYImgE_gYUG-aXcO-HhjoydCan_wl2bs8Xt0XfYednXMMlzwohPLDw-jC-YB-SYj0k_yYrf8yeXqspHjQqTwsWgPvGEIC2Fhpb9KG38v1LBSwcS9ZUqYvYU5lEyFNwA_OGSqqhnfQ_hWBYmqdkuK3nsqg2yBiHQ9jlC_ScOakrbKmNFfP9A7WeURCGYXVJKVfG9hmXfic2SAv9BQh5RApDN73cjCdgWWo4JzyoI5ImjKnXZ3XPoSC1WYQ-4HEqglQtotsrQiPck4FXyDzQOgwvjeR7zXP-qGH__sz4a9eCnkjtvHHF1D9_Xh2MUXhMB1H1hidTWTtfhBPfKBRFC2HYp_LSrHInaOywr1EBEukCgI49zRRTl40u-3I4XwWFfX8SIf5uo2D1bcjrpjiBPoAJecQERQ6tgc4cYQ6ilSREFxfacjKyGQeRtAwOfSVEMwpMM3f_7t_TATDxusdzRSCh76_suFMZv0ydvVRO5x96OeWgUpjtH7oW7hGP_L6trjhe5AbDDcl0ExigjURcZjj9A0AZcIxEfePWl5_Hr4aVb2hxZ4dYBj5MS3s7pqiAYPOVE7_MPel0JOOg1hQpLrOoGSX2vFwzxv7UlghlqiBZyGvry_KN2MIxdDLR-q9T4legY1La491I75le_ztb-w_glbzzhHG7IdingYesFzVvtACgBB99gkW7sq8GL9uxgKTSguhCZEzi-yGNnY4tMO-n2iou5s8FtHv9FUMcrjdSRp3mBA-iCCsSqThOXl_EFoVIlR1x3IFeScQVarhT3JVxvmlpfvpU4s8mHQTgsifUk90WlLCA0CL-blf_PJgps-EMyIyEG4Olx_Aeacs5cN_-zjJfRB8sPXH9vZv9o8JgbOEIG5oHLv_wzIeKtZ2DORZ_VthZp3LA9JtyIXDbrTS66jdPaHrxPZZ_9QOOj6_xm1-UalWSDtQPKGlX92OoAy4t8od7ONNE53o1S0aIEeehBpMcoI3ASZamTmeW1a3nFU2DFD-fpqTQU1trSTIWN0kSWVlrcwSx02gsBmtwdwZ3VmryTilzgLDo_M8CJC8UyJlYi3UxilgUixsFYUvZ-PrLMz9JajezLpsg4gCC8_soD-31-Ad6h64aSnKMNCm3a-PxiezfNRaovRd_Ayaa0aUtc1wGkEIBBI7AC8eF_-Z1ENF6BiprJ2t1vQZLH6HlmSMsUA9D_pi7prza4Bw92vTdc_xSEG3Em76YDVoVpTJfrdfY-YYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013062319&ias_pubId=pub-5884294479391638&ias_chanId=1&ias_placementId=20276414284&bidurl=https://grabify.link/track/41AL59&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j5W1agTNWUTKpjftE-vMDE&adsafe_url=https%3A%2F%2Fgrabify.link&adsafe_type=y&adsafe_url=https%3A%2F%2Fgrabify.link%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2c9dadb2-dfe4-31ff-97d1-66cb96f73455,c:VIGhz,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b5795db99-xqptr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:40,oid:23012d61-aff2-11ee-be01-92a8672778e7,v:19.8.471,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_300x250.js
Request Chain 390
  • https://gcdn.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/972FCB8EF8D1A5E5DC86015EFB8F1733AD4179CF.619C0F495A61219966581CFA0E05786295F6E89/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
Request Chain 416
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1&google_push=AXcoOmSOD9CoKW3BCrlk_eNK8tHx0YP40FLHeF3kiSwJuv4yln9R2FhDmWPhfgSmUY0-dtD3eCfeSHf3NMXPsstglaCyAh8_xaVb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4NzMxMTk1MjI5MTIxNTk2NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1
Request Chain 417
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOXhLUZE4tudVj7wBD4rjjI&google_cver=1&google_push=AXcoOmRD9Sa2Hy0urW3hg8sEe3-XxzEkOX2LY25Eq0dPJEG8olC7NcTm7Edf8ztW1vqRfE8fWAXnRKL0uLJ94y0X-FbOxv36ZzoT HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_JkizGhUTZk3nS38ZXLU9A&google_push=AXcoOmRD9Sa2Hy0urW3hg8sEe3-XxzEkOX2LY25Eq0dPJEG8olC7NcTm7Edf8ztW1vqRfE8fWAXnRKL0uLJ94y0X-FbOxv36ZzoT
Request Chain 418
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKhTyLHIPluGCQ4e1pxBjxc&google_cver=1&google_push=AXcoOmQpokZyfPWQdYEBi13nqNjIwlC2u8wqwINB56XuLnb7JcGjs4hK-Cru4vqT5noKA9JQJ10I2JD5YPLI1npsYPPdpSHJQ1nl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQpokZyfPWQdYEBi13nqNjIwlC2u8wqwINB56XuLnb7JcGjs4hK-Cru4vqT5noKA9JQJ10I2JD5YPLI1npsYPPdpSHJQ1nl
Request Chain 419
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOPqNqt1Lnkt7vjRrJwVOmk&google_cver=1&google_push=AXcoOmR15yoD2y7kLFKa0z8yASz0wqdeMzzclYst33D22sSSLqSLTmRZ4SVwrhpMke1MfMbnb-bSw007FDrqx5EkOyPw7vg8a54P HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=cea8a33fc4&gdpr=0&gdpr_consent=
Request Chain 420
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIZ6fyuXZEof6NF-N5WtcUA&google_cver=1&google_push=AXcoOmTBcL16n0osCV77oT_GuXaVTmwGFs4wik91zL8EtZpNtTeLf8BtBvJX9Uf7XZQFb8UjGkdD1oo2WHJNhugFqfIot5udFziT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTBcL16n0osCV77oT_GuXaVTmwGFs4wik91zL8EtZpNtTeLf8BtBvJX9Uf7XZQFb8UjGkdD1oo2WHJNhugFqfIot5udFziT
Request Chain 421
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEF1xQu-CVi7x2wQWKSstaHU&google_cver=1&google_push=AXcoOmR80eFfkbtLLW-PkOha8SOXIjUsnrrTkJW6qPLjtX1kcZMpxO_BfuwtGSfgQR1r4_6CsSpChpu_WnlTtdWa7tu745mqOm0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MTk1NjNlYjg0MmIzNDU0NThiMjNiMjYwZTJhYjRmZmM%3D&UIDF=CAESEF1xQu-CVi7x2wQWKSstaHU&google_cver=1&google_push=AXcoOmR80eFfkbtLLW-PkOha8SOXIjUsnrrTkJW6qPLjtX1kcZMpxO_BfuwtGSfgQR1r4_6CsSpChpu_WnlTtdWa7tu745mqOm0
Request Chain 422
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEBtGRHtRWadR5SfpS9fKHWQ&google_cver=1&google_push=AXcoOmS40pb-M6aAFXB53ns7jg2y-ZRCPLsCvpTe-uh5SoR9gVnUF5xEkhm9RwBkABSs54Z70YrHlTvnNbuAoWwmBOa-wUkszVdktg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEBtGRHtRWadR5SfpS9fKHWQ&google_push=AXcoOmS40pb-M6aAFXB53ns7jg2y-ZRCPLsCvpTe-uh5SoR9gVnUF5xEkhm9RwBkABSs54Z70YrHlTvnNbuAoWwmBOa-wUkszVdktg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmS40pb-M6aAFXB53ns7jg2y-ZRCPLsCvpTe-uh5SoR9gVnUF5xEkhm9RwBkABSs54Z70YrHlTvnNbuAoWwmBOa-wUkszVdktg&google_hm=WVRvY050Zmhhblh0ZjZqYkxPaHo=
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAy3aw2Wmh7A44Fp8rymWqQ&google_cver=1&gdpr=0
Request Chain 426
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ72EsTdxh8P9zeyMg-eQQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAy3aw2Wmh7A44Fp8rymWqQ&google_cver=1
Request Chain 439
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMf_ss48IJevTPesVj6ZNvI&google_cver=1&google_push=AXcoOmSYAy82Quj3NkOAWE1UKl8eP90zPlf0ULIjCIIhh7TG0dQrd0MgqWhMIB5FLgtRhkjM-5G20TkjxtjiTM1lWJarS3CCVfxS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSYAy82Quj3NkOAWE1UKl8eP90zPlf0ULIjCIIhh7TG0dQrd0MgqWhMIB5FLgtRhkjM-5G20TkjxtjiTM1lWJarS3CCVfxS&google_hm=0HoC558RQVKCBNxo4VYipQ==
Request Chain 441
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRhgQSdCubSL_o1_vwABLuAoBvBtP1K6H8DqDBVenKUOK-F9ZHaO5dGrPzbH9nZhdpRME0zybhwjpOZpdGfhvrF-WtyECkh%26google_hm%3D%5BUID%5D&google_gid=CAESEKH9ayMfjFAjDDrvoJ1qkOI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRhgQSdCubSL_o1_vwABLuAoBvBtP1K6H8DqDBVenKUOK-F9ZHaO5dGrPzbH9nZhdpRME0zybhwjpOZpdGfhvrF-WtyECkh&google_hm=cc66ad2d-3985-43c0-8884-8fee449e377f
Request Chain 442
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENpvdGueB6GLIlasphO6Qlc&google_cver=1&google_push=AXcoOmTsKDSH6nbEZjjdtMWrjk8RzUIhMwvrmjpeE7NwDL58az91_lrnDIApj5KtMeLbNXuEGHaiPIl2NQpTqjJBvI0DUdoSUgeoXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTsKDSH6nbEZjjdtMWrjk8RzUIhMwvrmjpeE7NwDL58az91_lrnDIApj5KtMeLbNXuEGHaiPIl2NQpTqjJBvI0DUdoSUgeoXg&google_hm=MzkyMTY2NTczMDA2NDUwOTY2OQ%3D%3D
Request Chain 443
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELsyxOO6-Z446cPjDwMqcik&google_cver=1&google_push=AXcoOmTc8JnLat8Vcrha1ASKb0vYpKc4TKLsrdpXupU1ZD8HEszL95ZdzDpxg3u-6oSBc-6FE9DnX14NZBSSzeuQ9kNGJW8JWapYkY0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NGNkMzBhZmQtOTU1My00ZmE1LWJmMmEtNWU2ZjJhMTYzOGU1&google_push=AXcoOmTc8JnLat8Vcrha1ASKb0vYpKc4TKLsrdpXupU1ZD8HEszL95ZdzDpxg3u-6oSBc-6FE9DnX14NZBSSzeuQ9kNGJW8JWapYkY0 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 444
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEFTZJ6d7d51vFPH6QmuyLvY&google_cver=1&google_push=AXcoOmTQbyn0Ewf2RMLGXFU4wMh4DXnPvL1Al8YeaAjScoIxAhxRC8BN1cBRFybO_xjAgeRhL0mCOO0jCYbhlkPTHJf-HN7RGrt4raE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTQbyn0Ewf2RMLGXFU4wMh4DXnPvL1Al8YeaAjScoIxAhxRC8BN1cBRFybO_xjAgeRhL0mCOO0jCYbhlkPTHJf-HN7RGrt4raE&google_hm=acc8ce73d32b85952sopae00lr879hu9
Request Chain 445
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTeDG5VFMQpPVuXewcG9LnEFObO0Ot6uwenri5Gzm87FVpr1rWJm_nySBivJe_hWwL6X1DQsJqZphDh5pkpxSqzkNU2QhY1ero HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTeDG5VFMQpPVuXewcG9LnEFObO0Ot6uwenri5Gzm87FVpr1rWJm_nySBivJe_hWwL6X1DQsJqZphDh5pkpxSqzkNU2QhY1ero
Request Chain 472
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAqJ87UsmOW6iuHSatnN-eE&google_cver=1&google_push=AXcoOmSIYALygK0DGGtdcWjRjlio1VTyqaibL1HvPFc5VLKMwl1nk7aQ448wh2M6LEOBfvFcTfUfDii8z0xTl124IQLeAl2sMXU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAqJ87UsmOW6iuHSatnN-eE&google_push=AXcoOmSIYALygK0DGGtdcWjRjlio1VTyqaibL1HvPFc5VLKMwl1nk7aQ448wh2M6LEOBfvFcTfUfDii8z0xTl124IQLeAl2sMXU
Request Chain 473
  • https://um.simpli.fi/gp_match?google_gid=CAESEG_tHIF5fFCQnxtO45Z5Z1A&google_cver=1&google_push=AXcoOmQtcPiALl-wx0DBvxEqvKYq6JBcEb1LSQsfY2IFSRAmDr1vP86jp4VgBwXEsklDUYrRts-Tp6hMlvY9wMPDVe4oZQuBlXXE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FE721A3DDDE64E31BD9FAC6D37C1BAD4&google_push=AXcoOmQtcPiALl-wx0DBvxEqvKYq6JBcEb1LSQsfY2IFSRAmDr1vP86jp4VgBwXEsklDUYrRts-Tp6hMlvY9wMPDVe4oZQuBlXXE
Request Chain 474
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMhgIhRjU8XV2suykKatk7o&google_cver=1&google_push=AXcoOmTEhYGlIeZhRSpVbg6iH9TyViYKsj-Gj_0Uc3vUjshRq29UB6m87ZPXBahGjgOzGtzYxRVaCxR_H9AFyUif0ye7BoWc4iga HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTEhYGlIeZhRSpVbg6iH9TyViYKsj-Gj_0Uc3vUjshRq29UB6m87ZPXBahGjgOzGtzYxRVaCxR_H9AFyUif0ye7BoWc4iga&google_hm=PpBN0I6EQNq92tcoa6KAlvs
Request Chain 475
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMf_ss48IJevTPesVj6ZNvI&google_cver=1&google_push=AXcoOmR3v7IfivO77fOidykEsvgkV6FvrjlX0G2JI4hw3rx8DHcyfE4FYzkFxgh2jTpX0Vtmpi5M0FCWqgcjOL4NLpKFoSyPSWt_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3v7IfivO77fOidykEsvgkV6FvrjlX0G2JI4hw3rx8DHcyfE4FYzkFxgh2jTpX0Vtmpi5M0FCWqgcjOL4NLpKFoSyPSWt_&google_hm=0HoC558RQVKCBNxo4VYipQ==
Request Chain 476
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJFrWS34HVInY_6BvSM7ho8&c_param1=AXcoOmSbXDtH9CAHq9A6uoFb2xdEvMv9-rg4tcDjubi5we56qgJpQzT71Qi1j8Ksq6jrk7qTMHVH2N67haRwYmwSbQNHA9RmrUVG&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSbXDtH9CAHq9A6uoFb2xdEvMv9-rg4tcDjubi5we56qgJpQzT71Qi1j8Ksq6jrk7qTMHVH2N67haRwYmwSbQNHA9RmrUVG
Request Chain 477
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKhTyLHIPluGCQ4e1pxBjxc&google_cver=1&google_push=AXcoOmTb-mFAgGB7XyQNL4Ukr7SSH79O4M2W3elrbDB0hTW4b_j9p8jeYdWQfwhOVmdXt9cknCmB5Cff3XxCzX7p5qGIGdpMSEY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTb-mFAgGB7XyQNL4Ukr7SSH79O4M2W3elrbDB0hTW4b_j9p8jeYdWQfwhOVmdXt9cknCmB5Cff3XxCzX7p5qGIGdpMSEY
Request Chain 478
  • https://an.yandex.ru/mapuid/google/CAESEF11Gp69vM-h7CeW3F4MiqI?ext-param=AXcoOmR7pzlOeNbmvUlLrvlR2uUT7iIirUEEQ_kWpoiliU--oBVGWDTNDmVOSuFjO24qRf0wpEQ6RDcTTdaT2yIsr5TDljAdMBx3&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEF11Gp69vM-h7CeW3F4MiqI?redir-setuniq=1&ext-param=AXcoOmR7pzlOeNbmvUlLrvlR2uUT7iIirUEEQ_kWpoiliU--oBVGWDTNDmVOSuFjO24qRf0wpEQ6RDcTTdaT2yIsr5TDljAdMBx3&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEF11Gp69vM-h7CeW3F4MiqI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 484
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEO7zhPcX3RA8yx5PqT_l2bQ&google_cver=1
Request Chain 485
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D
Request Chain 486
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECQq5t2dPKScJAGPLbZqcr8&google_cver=1&gdpr=0
Request Chain 487
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk2Mjg5ODItMjM3YS02NGJjLTRlMWItYTkzYzBkZjdhZjU2
Request Chain 511
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCtpL-5Ahjbj9j6ASABMAE&v=APEucNVwbtxnb3yBqDyGxqjTXYByxB2ak_y9jEJC2ONB3J4TBZPgXlie71jWuzubdkSy_s_4-h3lbilPstTcvY4Xu6KILak6prhI2N_BT-B4CG6ZRoqAtC4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEDmaoitjofR-cUYZkFJSqEY&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEDmaoitjofR-cUYZkFJSqEY&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=d8a8cbc05c4cb42f87c6f0b12e632bf0&uid=d8a8cbc05c4cb42f87c6f0b12e632bf0&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 519
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEH9J5tvERLoKk1gxHAbNDcY&google_cver=1&gdpr=0
Request Chain 520
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NGNkMzBhZmQtOTU1My00ZmE1LWJmMmEtNWU2ZjJhMTYzOGU1
Request Chain 521
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEOTsdbfE7uCr8UEUYyUgluQ&google_cver=1&gdpr=0
Request Chain 528
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=odgEb_HbDD263V8-oNgQOqHZDTO6jAU9oNV2Sg3k
Request Chain 529
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4261276730387416164&gdpr=0&gdpr_consent=
Request Chain 532
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9751CC68-3D62-4259-91DE-A54BCBD0BACD&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9751CC68-3D62-4259-91DE-A54BCBD0BACD&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 533
  • https://pixel.onaudience.com/?partner=214&mapped=9751CC68-3D62-4259-91DE-A54BCBD0BACD&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b651756cdccbd741/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f2039597f87c217357776fc18f758fde&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=b651756cdccbd741 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7aca9bd1-4597-4ce2-4ff5-b62191a0bc99&reqId=2b0a0fab-91aa-4391-5251-ac74c814b660&zcluid=b651756cdccbd741&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECZaeQS2s3xcmeDAfYBwOpQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7aca9bd1-4597-4ce2-4ff5-b62191a0bc99&reqId=2b0a0fab-91aa-4391-5251-ac74c814b660&zcluid=b651756cdccbd741&zdid=1332
Request Chain 536
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9751CC68-3D62-4259-91DE-A54BCBD0BACD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9751CC68-3D62-4259-91DE-A54BCBD0BACD&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wSNq6exE2uUGt98Hv70Fr91xVcGkWTU-~A&gdpr=0
Request Chain 552
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESENRrd8F8pvKnIJObKrF4Hzs&google_cver=1
Request Chain 554
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1IN1lqR2c1RTJ1RldMWndXM19MemJyMENzbXVpd3dCNX5B&gdpr=0
Request Chain 563
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG9Oo0cyBzRRS3fPbQWTpOg&google_cver=1&google_push=AXcoOmR0VVSje-vKuHMr1ITEHUmXGLSC8tLynwHWaQB2fbJ6zQJL9fp24KMiJU8_TgNHcu1_JQ1f4arRCSFjLdJSZeUpRdWH0Zek HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmR0VVSje-vKuHMr1ITEHUmXGLSC8tLynwHWaQB2fbJ6zQJL9fp24KMiJU8_TgNHcu1_JQ1f4arRCSFjLdJSZeUpRdWH0Zek&google_hm=0sbyh-QraODUBZqex4TVmQ
Request Chain 564
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL0NQ3GcL5x8NvZJRzt6UPM&google_cver=1&google_push=AXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJx3g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJx3g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL0NQ3GcL5x8NvZJRzt6UPM&google_cver=1&google_push=AXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJx3g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJx3g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 565
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPPJxPiWJj01Tn_lyoUZ0NE&google_cver=1&google_push=AXcoOmQ33oJIbWo4g8yvPRPEWfG1ZDJcKwuCWzMhwZLKCVbuwKgSCVxn_WMMCSuiHx3nohYSGaLYezxW9BrSf6avt9GRCypYUicf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQ33oJIbWo4g8yvPRPEWfG1ZDJcKwuCWzMhwZLKCVbuwKgSCVxn_WMMCSuiHx3nohYSGaLYezxW9BrSf6avt9GRCypYUicf
Request Chain 566
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMkjpJpXfkCgyCCukyWZGdE&google_cver=1&google_push=AXcoOmQdLVWDixISbglyfRMNiZuI-0wpUcjTLbY45PgbHNyzlHTIMofLapthBgjP-VcEyyrv11nAIe5Omas28CCD85g7jW-fO9bb_Q HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMkjpJpXfkCgyCCukyWZGdE&google_cver=1&google_push=AXcoOmQdLVWDixISbglyfRMNiZuI-0wpUcjTLbY45PgbHNyzlHTIMofLapthBgjP-VcEyyrv11nAIe5Omas28CCD85g7jW-fO9bb_Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQdLVWDixISbglyfRMNiZuI-0wpUcjTLbY45PgbHNyzlHTIMofLapthBgjP-VcEyyrv11nAIe5Omas28CCD85g7jW-fO9bb_Q
Request Chain 567
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDM2JUcXv0J_7F_jkujkOno&google_cver=1&google_push=AXcoOmTbEME6VnQdDugPg5wO1Ypy_riaPKfbgWlBNXVNK7uVvN9hOh0yUlNmZ_O8MxzFZZCB0bTLsnHHbkzGycJaH9B7d7a6FilbNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEzNzM0NDYyNjgxMDkwNjUwNQ&google_push=AXcoOmTbEME6VnQdDugPg5wO1Ypy_riaPKfbgWlBNXVNK7uVvN9hOh0yUlNmZ_O8MxzFZZCB0bTLsnHHbkzGycJaH9B7d7a6FilbNQ
Request Chain 568
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmSHLThVSRXU89X1y8BUV64WGJXctAJbgOlScAXGZNhFbBBGTsKiKmamrbDG7VW3Xsix74MMFQpiS-AGwZx_mmhsiOi3Dl-bgIE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmSHLThVSRXU89X1y8BUV64WGJXctAJbgOlScAXGZNhFbBBGTsKiKmamrbDG7VW3Xsix74MMFQpiS-AGwZx_mmhsiOi3Dl-bgIE
Request Chain 569
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHKpzEXQXayS0D4dy7MTrRw&google_cver=1&google_push=AXcoOmS91GfRrTQ9JZ06reghqK9PV1Pp47WPIgG5AB9GkGkAdo0GTqBWc4UxFlbDnCuVPZNIma8nmoghaVYUCj9VuuEI_2lVR35XWeY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS91GfRrTQ9JZ06reghqK9PV1Pp47WPIgG5AB9GkGkAdo0GTqBWc4UxFlbDnCuVPZNIma8nmoghaVYUCj9VuuEI_2lVR35XWeY
Request Chain 582
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1&google_push=AXcoOmSTjn__uJ5juLVdl81S0QrhbLFVFfMqghUBQSq64uNkS7xoDG3LHc0rTs0uvlc_Gke0Wbmjk3vdlnAX_L_zmr9XunzoQUX-5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4NzMxMTk1MjI5MTIxNTk2NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1
Request Chain 583
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOXhLUZE4tudVj7wBD4rjjI&google_cver=1&google_push=AXcoOmQUipibdncLAUqgcFWRIcARt3T8m9_aWQU-xRn8sM0_5jEXP8HDo38MRjEqAcbyenle5rp3MZf7ZlWUQgkEf_2uc1B7D8mHbQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_JkizGhUTZk3nS38ZXLU9A&google_push=AXcoOmQUipibdncLAUqgcFWRIcARt3T8m9_aWQU-xRn8sM0_5jEXP8HDo38MRjEqAcbyenle5rp3MZf7ZlWUQgkEf_2uc1B7D8mHbQ
Request Chain 584
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMf_ss48IJevTPesVj6ZNvI&google_cver=1&google_push=AXcoOmSu37GPJO63MF3pqfAbpUhaTe-8xppjG0Ec9Y2O1Mkar112T4X5D_N2ztMuredkh9eYueIWuq0TMTo2IFw3Glx-6ASAmYzvAQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSu37GPJO63MF3pqfAbpUhaTe-8xppjG0Ec9Y2O1Mkar112T4X5D_N2ztMuredkh9eYueIWuq0TMTo2IFw3Glx-6ASAmYzvAQ&google_hm=0HoC558RQVKCBNxo4VYipQ==
Request Chain 585
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHRdupNXqy0G79SNSwK0qHI&google_cver=1&google_push=AXcoOmTnMP0a2KbrAeYCOKKVHvzZEzIDAg1CfPKmlYF2B5HzCTS2amSiR5BB_qTwjiXwL9RysZDrqLybuQJxZkZXAk-IDlprVGRkiA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTnMP0a2KbrAeYCOKKVHvzZEzIDAg1CfPKmlYF2B5HzCTS2amSiR5BB_qTwjiXwL9RysZDrqLybuQJxZkZXAk-IDlprVGRkiA&google_hm=eS0zZHFDdlExRTJwSEdOOTQ2ZXdSc2E4S1ZnN1Zvcm1qc35B
Request Chain 586
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAxZoxFFfGcIMsJdihq1WPc&google_cver=1&google_push=AXcoOmTbqW6ZBdYUAvbpY3mcXXZoRuLh3Txdg7ZRhsjd5ieAHROKY4KvM5LNwt1BJRBZc6dXxy13c3O8gEpfpiIZL_y5Hrobum3l9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4NzlNSDMtMUgtNlFPTQ==&google_push=AXcoOmTbqW6ZBdYUAvbpY3mcXXZoRuLh3Txdg7ZRhsjd5ieAHROKY4KvM5LNwt1BJRBZc6dXxy13c3O8gEpfpiIZL_y5Hrobum3l9w

653 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 41AL59
grabify.link/track/ 		37 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0157f7dc40b6d1f11a9fbbc78050716bf696c588b83bb21d13bc32fa8e9ada2c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8437795beeec59c5-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 19:54:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lc4P81TQzdXg7OB97fEEha2p8JD3C6SQRvS8SVFQ%2BosfYgB3gLeFh2%2FmyRcNSL7n%2FXce6GxDf41twcglMgAu%2Frri8f9vikDXXuabkWySPG7c%2FRFMFjeZYzYNHpdHvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
grabify.svg
grabify.link/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grabify.link/images/grabify.svg
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7929a4da51b811df7fc746c9d3774cf065c31685f1ef58651f947cd719ff04b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Mar 2023 08:48:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6192
etag
W/"1225-5f5e6e55d4a17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9d5atQS5UMoto7V6yZ62RWDzj885P6eA4aT1L6%2Bn8wrRD%2BKVMeyI2D0OYrxQVfVgQf14fb%2Fp45hKOa6oSr5KKlXTwe%2FZ6ffaSke1kpKmfwJ%2BqEb%2FfbBiCJocJWWwXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
8437796dfa4659c5-MXP
alt-svc
h3=":443"; ma=86400
styles.css
grabify.link/css/ 		408 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grabify.link/css/styles.css?id=48896c0ea5065ab4df76c89086036973
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49197fdf28ef66458948f5c58db85bd8d4b1f72aa8bdb9fdcd1cd2319571600a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:52 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 29 Dec 2023 01:47:09 GMT
server
cloudflare
age
5883
cf-polished
origSize=494927
etag
W/"78d4f-60d9c35d18afe-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pj51aGNir3gFYix0t8%2FSULqIADyrzjMSapCuMcMu0ak%2FbQdP8v4Nnqp7YtRXG83AHQN0HSwYJDj6d6EBbXN%2BZhUbWUNs6128pBCe%2FtFTfEYgvkke%2FbzkcS44BmXFOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8437796dfa4359c5-MXP
alt-svc
h3=":443"; ma=86400
scripts.js
grabify.link/js/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/scripts.js?id=98193a711f4ce06606554e0085a96559
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
303de2fa51c0159bb08fedec14ed162e0368756501e54c37f7acb4663acda1d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:52 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 29 Dec 2023 01:44:09 GMT
server
cloudflare
age
6194
cf-polished
origSize=91491
etag
W/"16563-60d9c2b18683b-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LV7%2BNap6jxa%2FLaPx%2BHVxlVcoteYHgFmVTKWUtxSRl2OI%2FC80HO5H8IVES12PRAGyWmI9wE3GbGF7B5tE9SAbc3fNpJpmhEKQ5vyRKDcopEh1zpQG5bOjLY%2BxWGwCjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8437796dfa4459c5-MXP
alt-svc
h3=":443"; ma=86400
ads.js
grabify.link/js/ 		19 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/ads.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1361
cf-polished
origSize=21
alt-svc
h3=":443"; ma=86400
content-length
19
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 08:48:42 GMT
server
cloudflare
etag
"15-5f5e6e55d59b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByKdew%2Fo97gQVsvBMEwmYx756rD7RdJFX31Arr0QvjeiVBY%2Fv3YG3zescJnxcBjnB5Hb76By3Khvog%2F0XEXSdgQG0FWxuKyNeWv9J3hVa7mcvix3RaQV%2FH5XE%2FyCkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
accept-ranges
bytes
cf-ray
8437796dfa4559c5-MXP
fuse.js
cdn.fuseplatform.net/publift/tags/2/1218/ 		293 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
42dc4a2eea1119e413b10d6ac344f6a261d85c81a4198104692a4fb1432b17fe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 18:39:49 GMT
server
AkamaiNetStorage
etag
"373871a7df687992e72e25cc3b032169:1695148680.948846"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
66107
expires
Wed, 10 Jan 2024 20:24:55 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BT991JCKD2
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
18a267c20208e56ca707bb022b70b7c7708b951ce1f9717becd94405983b75f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84360
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 19:54:54 GMT
qrious.min.js
grabify.link/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/qrious.min.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db99dcaf40a926181bce4522477c2efc5924f6c4b29111b6a97faea477c9528b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Mar 2023 08:48:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1841
etag
W/"44ab-5f5e6e55d59b7-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2oKjPPvmvxP7TlrS44u%2BTDFYpwR3GTFPiTC9FTUmpCjOONBqYMgEtiEXjSlnq3GE2PN2SMer65AlII9G4AXkCrc9%2FU4Vd3YtgVG3eLG7%2Fp%2FKDcPqqbti%2BCVUyoxqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8437796dfa4759c5-MXP
alt-svc
h3=":443"; ma=86400
tpage.js
grabify.link/js/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494e2cc25216c748be4a85e81747d923c42ffb56de687ce6a18538382111e22c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:53 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 29 Dec 2023 01:44:07 GMT
server
cloudflare
age
4211
cf-polished
origSize=143986
etag
W/"23272-60d9c2b024ff1-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCO23nGdJdShSofKlb0%2FOXBCwTT5LZgBCq0FPMBWL3YHpGsIseRDWtDAWsSDqqpov9mVN2nzW9wkcyuJVpVk5MnjhT4lJWHFPaPpD%2BGdr1G0mbGEzDng68hHYy%2Fd4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
84377971e9984bef-MXP
alt-svc
h3=":443"; ma=86400
jquery-2.5.3.min.js
grabify.link/js/ 		169 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/jquery-2.5.3.min.js?id=a9e332d1f56cf8ad5b7e10336cf58b24
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3387c0ded718861e49bafc66b028a1f5335afa6ecac37a1afee5d5825f52a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 29 Dec 2023 01:44:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2a24d-60d9c2b30c2a5-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Fe8es9%2F0r6Rp%2BljdA9fTcmptc3BwnXCMNV27nnSt7lQFFQlVXOM4ddIekRfZDH74tR89pScJvQAgEJEJRPgOpJocedICK%2FDZTSZw0H1ASj36W%2FZgmnEDOv9HZgzBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8437796dfa4859c5-MXP
alt-svc
h3=":443"; ma=86400
grabify-inverted.svg
grabify.link/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grabify.link/images/grabify-inverted.svg
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21183b38bf88f31bb2640e1f798cef48fcd73b13de5405061b7dc48769f95ea6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Mar 2023 08:48:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6193
etag
W/"1222-5f5e6e55d4a17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQ4dhH3g%2FdJgfnz6YhIhzEL3e7vkTo3DBe2N8wSE1z%2BKuTeHUAC7cJA1umM%2BE7ZDxA0Oo3zW1YUqJrElZd%2B0T8pl4fO3RTWAta50Hv7hbZFfWDgxTPlA5V1PhJwyWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
8437796e9b5859c5-MXP
alt-svc
h3=":443"; ma=86400
check.js
grabify.link/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/check.js?id=552237347c1db6c950f4e4200407cbb8
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c7788279482ed1279eba2d842093bc6a3ffe2d493f032c127a45749f5b44047

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:53 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 29 Dec 2023 01:44:09 GMT
server
cloudflare
age
5865
cf-polished
origSize=1423
etag
W/"58f-60d9c2b18683b-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Dh5Y1Q%2BoBOfY0hwFwqESLMImhmx9sPOwG3lzxVCpG5gHP7TneoF77%2B9SX%2Fvao%2FSHNoSrdb%2BO%2Fm0dRdlKgF9P0Pj2nU8rG19hBdn3iCXKJWnlk8Zs7yCQb8P8js8Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
84377971e9a14bef-MXP
alt-svc
h3=":443"; ma=86400
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://grabify.link/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84377978592d4c52-MXP
css2
fonts.googleapis.com/ 		5 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&display=swap
Requested by
Host: grabify.link
URL: https://grabify.link/css/styles.css?id=48896c0ea5065ab4df76c89086036973
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f138.1e100.net
Software
ESF /
Resource Hash
0b9bd520cf2c03793934666d9f14668fb58ef8ab26eaa818ca7c03c647904a07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 19:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 19:49:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 19:54:53 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
GSE /
Resource Hash
090c61f18902068e7d07239736997f1a94127d66c7af445a95f6dcf77515703e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 10 Jan 2024 19:54:54 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 15:36:20 GMT
x-content-type-options
nosniff
age
188314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 15:36:20 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:58:08 GMT
x-content-type-options
nosniff
age
125806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:58:08 GMT
webfa-solid-900.woff2
grabify.link/fonts/vendor/@fortawesome/fontawesome-free/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://grabify.link/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?bb975c966c37455a1bc3c7e29971386c
Requested by
Host: grabify.link
URL: https://grabify.link/css/styles.css?id=48896c0ea5065ab4df76c89086036973
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Request headers

Referer
https://grabify.link/css/styles.css?id=48896c0ea5065ab4df76c89086036973
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:53 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Dec 2023 01:47:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4858
etag
"24a6c-60d9c35d18afe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEYW0yK0f1v0LOZFJUjaePErjQJ%2FEx8CDUDtZIa9I5NA0g%2Fi5XXGxUtIbC1O2eegu8vFUQZ7kuIZ0zo6JutVpPs0LjdcMqiTd3wOWzTDUkffifXlBKgTBKvzuh3CTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
accept-ranges
bytes
cf-ray
8437797209e34bef-MXP
alt-svc
h3=":443"; ma=86400
content-length
150124
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 00:19:53 GMT
x-content-type-options
nosniff
age
416101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Jan 2025 00:19:53 GMT
jquery-2.5.2.min.js
grabify.link/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/jquery-2.5.2.min.js
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.3.min.js?id=a9e332d1f56cf8ad5b7e10336cf58b24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f3e0ab3e58213744ab82fd4170e95504a0d5eba25594f42e292b8f104a8293

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/track/41AL59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 29 Dec 2023 01:44:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1904-60d9c2b314f46-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Dn4U46eGy1ZLhLCMXQot5rKi569s%2F1BFbCNuAXw0cv%2FdG34JstTb%2BNQYM%2BuoG79AieMHBWyQjpfr1XlznpWZq%2FZtfWro7F3XhZCoO59%2F7CVXQTZff4I0XMrk8P%2FgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
843779728b154bef-MXP
alt-svc
h3=":443"; ma=86400
default
embed.tawk.to/56dbf56bfd8c937066739b91/ 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/56dbf56bfd8c937066739b91/default
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b1e556697895ec0eb0236a939907e9f428b97ec20a903d3a6c689adffc862b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:54 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
server
cloudflare
age
219
etag
W/"stable-v4-65839862293"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
843779785bea3751-MXP
alt-svc
h3=":443"; ma=86400
41AL59
grabify.link/api/track/ 		128 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/api/track/41AL59
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0200bf8e901ea3273a090ba8933e863781205ebda362ec23a01ae8492f4adb

Request headers

Accept
application/json, text/plain, */*
Referer
https://grabify.link/track/41AL59
X-XSRF-TOKEN
eyJpdiI6IkRQd3BEVXA3a1oxdHVGcXRWWGlSWGc9PSIsInZhbHVlIjoiUy9sYmVSMzVVWTcrbnA0TU5Fb3B3Ukx0d1FlbUJKR0IrOHFYRU9QYVlWY1dmbUtxenpOQ0JFQkJiOUlPK0hNYUtHRzcyc1lyQXc2M1BIaDJyMUN5QVg4WUpGNklmRHdsWDgxbE51b0hFZHc5bGRQMFBkbkRoZ3pJKzVmcjUvZGgiLCJtYWMiOiI4MWM3MGQxNzRhMWQxZjBmOTMxNTI3NDVjY2Y3OTdlMjE4ODk4YTMyOWU2ZjA5MjVmYzc1OGE0YzY3NTJmYzE2IiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agents
MGplSDJpSlozY3dCZDQ4ZGZlcnZsUDRXNWM1YlcyRnZzRmdSUzhONw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-ratelimit-remaining
9
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOc7YHbrU9uPbZHnYI4cpPewkG2aDsrFlw%2Boj0y6dTXfzBlY1iWoQ8onkq8f5KYiv7hsio8uLiFh07ON6d55h9%2B%2FigDqU94b9oV66ewZbjvHKBvhexk0GGAewr4YHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
10
cf-ray
843779732c7f4bef-MXP
alt-svc
h3=":443"; ma=86400
domains
grabify.link/api/ 		2 KB
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/api/domains?r=124
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7f2d3494b71218513452d0008db7f4ce2cc40f3fc5a76addd3dccaaae01e96

Request headers

Accept
application/json, text/plain, */*
Referer
https://grabify.link/track/41AL59
X-XSRF-TOKEN
eyJpdiI6IkRQd3BEVXA3a1oxdHVGcXRWWGlSWGc9PSIsInZhbHVlIjoiUy9sYmVSMzVVWTcrbnA0TU5Fb3B3Ukx0d1FlbUJKR0IrOHFYRU9QYVlWY1dmbUtxenpOQ0JFQkJiOUlPK0hNYUtHRzcyc1lyQXc2M1BIaDJyMUN5QVg4WUpGNklmRHdsWDgxbE51b0hFZHc5bGRQMFBkbkRoZ3pJKzVmcjUvZGgiLCJtYWMiOiI4MWM3MGQxNzRhMWQxZjBmOTMxNTI3NDVjY2Y3OTdlMjE4ODk4YTMyOWU2ZjA5MjVmYzc1OGE0YzY3NTJmYzE2IiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agents
MGplSDJpSlozY3dCZDQ4ZGZlcnZsUDRXNWM1YlcyRnZzRmdSUzhONw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1151398
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 28 Dec 2023 12:04:55 GMT
server
cloudflare
x-ratelimit-remaining
7
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LPmhOVpipYBq02fENssixc5OX7Cmk9IIYoDbtttfEzMLblN8u%2B%2Fx8NyJqeum4BmQQExsUsCW4k8oLbfKhF%2F4FBxRU7XpV6zDF6pZeurwT%2F%2BXuE4%2B2QZhazeYtcR4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60, public
x-ratelimit-limit
10
cf-ray
843779733ca34bef-MXP
vary
Accept-Encoding
domainscustoms
grabify.link/api/ 		397 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/api/domainscustoms?r=123
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ef8aaff0d634472d555329eb2848579c637297ec749ce1f59f32c3dc1aaec2

Request headers

Accept
application/json, text/plain, */*
Referer
https://grabify.link/track/41AL59
X-XSRF-TOKEN
eyJpdiI6IkRQd3BEVXA3a1oxdHVGcXRWWGlSWGc9PSIsInZhbHVlIjoiUy9sYmVSMzVVWTcrbnA0TU5Fb3B3Ukx0d1FlbUJKR0IrOHFYRU9QYVlWY1dmbUtxenpOQ0JFQkJiOUlPK0hNYUtHRzcyc1lyQXc2M1BIaDJyMUN5QVg4WUpGNklmRHdsWDgxbE51b0hFZHc5bGRQMFBkbkRoZ3pJKzVmcjUvZGgiLCJtYWMiOiI4MWM3MGQxNzRhMWQxZjBmOTMxNTI3NDVjY2Y3OTdlMjE4ODk4YTMyOWU2ZjA5MjVmYzc1OGE0YzY3NTJmYzE2IiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agents
MGplSDJpSlozY3dCZDQ4ZGZlcnZsUDRXNWM1YlcyRnZzRmdSUzhONw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129803
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Jan 2024 07:51:30 GMT
server
cloudflare
x-ratelimit-remaining
6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMz4bSpwWa6GCWdCnz2gkRsKZjTe55XMrQQay3oQcxxXk8hKUBwGgIM2rVebLshkdQtdN6BiQmYyagFwMOCF74BiWdh12J9Iz%2BNklTnUWl66nY4Wfb83%2FsVJ4z4k4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2073600, public
x-ratelimit-limit
10
cf-ray
843779733ca64bef-MXP
vary
Accept-Encoding
41AL59
grabify.link/api/track/short/ 		898 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/api/track/short/41AL59
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5ea17e1328be2057e94106d268cf6fe9ba4dc95c2aaa3ecc7b23afcec36ef9

Request headers

Accept
application/json, text/plain, */*
Referer
https://grabify.link/track/41AL59
X-XSRF-TOKEN
eyJpdiI6IkRQd3BEVXA3a1oxdHVGcXRWWGlSWGc9PSIsInZhbHVlIjoiUy9sYmVSMzVVWTcrbnA0TU5Fb3B3Ukx0d1FlbUJKR0IrOHFYRU9QYVlWY1dmbUtxenpOQ0JFQkJiOUlPK0hNYUtHRzcyc1lyQXc2M1BIaDJyMUN5QVg4WUpGNklmRHdsWDgxbE51b0hFZHc5bGRQMFBkbkRoZ3pJKzVmcjUvZGgiLCJtYWMiOiI4MWM3MGQxNzRhMWQxZjBmOTMxNTI3NDVjY2Y3OTdlMjE4ODk4YTMyOWU2ZjA5MjVmYzc1OGE0YzY3NTJmYzE2IiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agents
MGplSDJpSlozY3dCZDQ4ZGZlcnZsUDRXNWM1YlcyRnZzRmdSUzhONw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-ratelimit-remaining
8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdwJx8RQIl5nDo%2B1r62nWmgTZTUHqYROkcdXVvpyp%2FyA6IdKgJ9lipWOBhWNVM6OLrBM6t4f7r%2B7xgyDXqxY7ZWf0pIwyRmnaBi412zbs8W06UnjSoFhLX7HZzd1EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
10
cf-ray
843779733ca84bef-MXP
alt-svc
h3=":443"; ma=86400
41AL59
grabify.link/api/logs/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/api/logs/41AL59?page=1&order=asc&sort=Date
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22bd450fa24010af890c6586bf2ba358e09c4871faa44e408a5bb22514da03fe

Request headers

Accept
application/json, text/plain, */*
Referer
https://grabify.link/track/41AL59
X-XSRF-TOKEN
eyJpdiI6IkRQd3BEVXA3a1oxdHVGcXRWWGlSWGc9PSIsInZhbHVlIjoiUy9sYmVSMzVVWTcrbnA0TU5Fb3B3Ukx0d1FlbUJKR0IrOHFYRU9QYVlWY1dmbUtxenpOQ0JFQkJiOUlPK0hNYUtHRzcyc1lyQXc2M1BIaDJyMUN5QVg4WUpGNklmRHdsWDgxbE51b0hFZHc5bGRQMFBkbkRoZ3pJKzVmcjUvZGgiLCJtYWMiOiI4MWM3MGQxNzRhMWQxZjBmOTMxNTI3NDVjY2Y3OTdlMjE4ODk4YTMyOWU2ZjA5MjVmYzc1OGE0YzY3NTJmYzE2IiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agents
MGplSDJpSlozY3dCZDQ4ZGZlcnZsUDRXNWM1YlcyRnZzRmdSUzhONw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-ratelimit-remaining
6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9PZjAjk0XTkEcOYdoMvOYI5LzzbfPbYcu1PKT%2FBezd4zXPGDJYOGNcrseupwM2Bu3hFFsoDVV6jaG%2FyKBHlpyn0%2B9oVFG9c3apEzc5z5F6ZB0gS3pnBtW4bTtx6Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
10
cf-ray
84377975d9dc4bef-MXP
alt-svc
h3=":443"; ma=86400
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
bca13f093afb3b9125c81a5735a3b12466ee2bc8240b330e2269858a8ec11edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207446
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jan 2025 17:40:57 GMT
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BT991JCKD2&gtm=45je4180v9123276527&_p=1704916493083&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1320112297.1704916494&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704916494&sct=1&seg=0&dl=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&dt=Tracking%20-%20Grabify%20IP%20Logger%20%26%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5187
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BT991JCKD2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BT991JCKD2&cid=1320112297.1704916494&gtm=45je4180v9123276527&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BT991JCKD2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BT991JCKD2&cid=1320112297.1704916494&gtm=45je4180v9123276527&aip=1&dma=0&gcd=11l1l1l1l1&z=382905032
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
date
grabify.link/api/ 		21 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/api/date
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.3.min.js?id=a9e332d1f56cf8ad5b7e10336cf58b24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dc97396d32894040e2b66903e1de10a2a3c369785ae2cc3073a651adc79a37

Request headers

Referer
https://grabify.link/track/41AL59
X-CSRF-TOKEN
0jeH2iJZ3cwBd48dfervlP4W5c5bW2FvsFgRS8N7
accept-language
de-CH,de;q=0.9
User-Agents
MGplSDJpSlozY3dCZDQ4ZGZlcnZsUDRXNWM1YlcyRnZzRmdSUzhONw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 Jan 2024 19:54:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-ratelimit-remaining
6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrkaVpIWFgUOmWBDC8tCNcFL%2BzlbugzV623dZwBnUeS%2BlY6j2rWrBuXwrM%2B00T3JB6ARqFlqcXQZttOv2BqUKk%2FKZvTtUAjGR1FnKC1iqplqLw2MbGT96zy3fp%2FbJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
10
cf-ray
8437797a3b584bef-MXP
alt-svc
h3=":443"; ma=86400
anchor
www.google.com/recaptcha/api2/ Frame BFEC 		42 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES&co=aHR0cHM6Ly9ncmFiaWZ5Lmxpbms6NDQz&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t9ds6043gchs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
GSE /
Resource Hash
0d63da8e04beb35a5c4e53c8a84ab700f8c9a14528d08c272b42e3a343e77828
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ogDCTY3SSOtdHFubF_ndJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ogDCTY3SSOtdHFubF_ndJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame BFEC 		55 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES&co=aHR0cHM6Ly9ncmFiaWZ5Lmxpbms6NDQz&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t9ds6043gchs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 14:10:22 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame BFEC 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES&co=aHR0cHM6Ly9ncmFiaWZ5Lmxpbms6NDQz&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t9ds6043gchs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
bca13f093afb3b9125c81a5735a3b12466ee2bc8240b330e2269858a8ec11edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207446
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jan 2025 17:40:57 GMT
139.5.242.75
glookup.info/api/json/ 		196 B
418 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Xo0uRcV3UsfobLzeyrt%2FlR87v7vDXsJp5uGcdnNmadwvGnZpbPV7XQV1Zn7RB9FU9N1ntahA2gmdt3pDQKvblOtwkvUUt34h%2BBF8bm3mDwOHPmegGr94UJywafnK6E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=2073600
cf-ray
843779822b98babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7z2ZlzOhqYp49GoxkBbT%2F2YWph2chrq7GU0wF5JOOxegLDYIpd32vpYRS1%2F8atK5ngXkRyZ8Ht9067Cjxdx%2BlKKM%2F8Mp9Dv9dmV7A9GRhONsn6uUh633mvXadRf3ah8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779822b86babb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTxsgJ1uugfMN25Rn%2Fkqe4XpSZ33Bc9GHZ%2BplRkySr%2BJ8ol5OXWMkTPVdBpYoUET4jwcJQUDj%2FcfuAr%2Bokx7aaC7Pcqot4bm0z6%2BCKpUEKygsQpRJuo3vsaaeN8KUFA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=2073600
cf-ray
843779822b97babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzZclyUo4QCQifTqO%2FWDqamEIs7xo6P2bFlsuDtSrR2gmEQWLBvvL6y6eKxT%2FNrynOf4VoWgwhEi2iezhaTqMUUb38JY5lC0fDNh8qkWo7tS036tY8QH%2FvZnHBWOqUo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=2073600
cf-ray
843779822b8fbabb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmBeYRrjbx9F%2BX0hsS4qBEruDvbUaPRbxqXxEBtHoJmpYbAvAFa8tS8vZSfd%2BDRUuYRv22nsmM9RanSrlGRpvS%2FXoxoGttM3U4l%2BFye2qn3NJbQsy9mThi93gdudphU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779822b95babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlkmV8hhNexRygzvnBL8YjUXjK80MMBZLe1oWKNK4PJWNaKQFGKdsqyPgPLi1f1%2BZWFoa%2FX3YlshDgS9OprKH11vwCbEess%2F1clzc3Us%2FjNVTHVAhbC2Msfjal2TCZ4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=2073600
cf-ray
843779822b92babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
622 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLW9Sjo2gm6FFbYSxBJJudt9%2Bo5eGKBC7kbiaToJubhaXdY2K8phINroLcM%2Fp91H1mZXD3s1ZBEnHQWIM%2BHftwQ3vIhQaZ%2FielTDOrizeHEd9%2BkeCY225Uh0CGinxFQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779822ba6babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuBrFJFjDbmdVDC%2BPCrPcw%2Bx2rrMHrRJycOlrgMezhyODz7xzW12aWxeSmpUgYZI3EOLrKAFXuyCnGk6MO5zhSgT2B%2F3mQkeho6%2BvvRXS8p8zS1A9%2BVhOOUFTVzMTvs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=2073600
cf-ray
843779822b9dbabb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMpTWWXbLfSy4lHNFAf0gzHZ7GESERYBydc%2BasOzxIdPXuEOpVgbEMM6cHPq0ezNZ5ennKCHo1UdI2jEPj31emkIjk7DluahwMAuyAHlVUR%2FilnO3GbCXZAaOs3FAtc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779822ba4babb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjwIiWSs3HpT4i6m%2FXWJv7%2BAXn0oN%2BA3OAYRRvCaKZCGMuGlLSNcVlNQv6FN6EXBW%2FnYE7qAH2yFwq8GuwkdB0LM5xwZutArQmt2I0Ow2UVDHj6m3vdswGAxl1%2BjVLc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=2073600
cf-ray
843779822b9fbabb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boXMCKO1fxFkp4KK2ogyKntVUnaXe1FvpxLBkHV7s%2BbZo9Z4l%2B%2BacG9hZXUeQzctQqRhhvKkBjC2zimactm%2B8FI6sCYcG%2BpeY9zDi%2BW5BHzC%2BA6SjKBTi4xUPajb0Og%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=2073600
cf-ray
843779822ba1babb-MXP
alt-svc
h3=":443"; ma=86400
choice.js
cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/
Redirect Chain
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Server
143.204.215.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7918c11540b6af0cacaa0f1f239997bc39adadd2386fb48adb1b9fce697cb6a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:56 GMT
content-encoding
br
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
38
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 15 Nov 2023 19:45:08 GMT
server
AmazonS3
etag
W/"7952f6c0f58a310d44774b693b1a2700"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id
UuF7zNTEp_LUwsZ696bUOFsbGAfBcGZXn1L_z-XJAfVgQT2JsGV2_A==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
date
Wed, 10 Jan 2024 19:54:53 GMT
via
1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 19:50:19 GMT
server
AmazonS3
etag
"8ebcdf9f7befec45b5d319e4e2713b88"
access-control-max-age
3000
access-control-allow-methods
GET
location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
access-control-allow-origin
https://grabify.link
cache-control
max-age=3600
access-control-allow-credentials
true
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
TRcPnsWz_GQY0VxkBD45Hi0TqLDbk9lx6957K1-xvADYojdCzuWp9Q==
prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
cdn.fuseplatform.net/prebid/ 		293 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1b24a71d6c9a806e5b2a4b1d7bafcd847b61d5217be1be57329ef0254d5bf160

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:56 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 18:38:00 GMT
server
AkamaiNetStorage
etag
"1dfbac113bf8424f1da38d02278987b8:1695148680.722245"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400000
accept-ranges
bytes
content-length
91881
expires
Tue, 06 Oct 2026 19:54:56 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		281 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5486555a7dd9df318317f1ba5f3159f5fb3211a797551ac9a0b83bf439e98e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:06:27 GMT
content-encoding
gzip
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jan 2024 19:09:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
2909
etag
W/"26f6d7148dac76741a1405e4c642a875"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
lrEk5dQSpdZlgJT5TALdYc6uc1m1kstbcCUwAi7LWQ8tXSGcekkYaQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
eac0c631ddbc34d157ed2540ac260a689e9b2c39dbe878f771791ee8e209b06b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29324
x-xss-protection
0
server
cafe
etag
183 / 19732 / 31080327 / config-hash: 18310344931514748835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:55 GMT
noconsent
cdn.fuseplatform.net/telemetry/ 		1 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1704916495237&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=831d4d19-c30b-520b-ade1-b6d6ef560f56&fid=1218&pubid=14&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=863031b68ff006702f54&srate=100&adserver=gpt&etm=6021&e=fuse-load&tenant=publift
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:56 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Wed, 10 Jan 2024 20:24:56 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 19:31:48 GMT
x-amz-cf-pop
FRA56-C2
age
46075
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
uYNwbW0_4kr8yFD27edBqbbQbdiBwCDfhwxGLg3bzmWcqL_jMNaC4Q==
8b48e249-e9e6-4a52-8b48-396ea93403e8
config.aps.amazon-adsystem.com/configs/ 		564 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
e17c8707c78fa22d1802c3d82945cc0bce27a79c8df3505fd85aab74e8c996bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:58:33 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3382
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
zYoQzzKVCtX85SH9a_fxvFBO5_IB9nKSc5rIA1BFDtvuBagt-QpKdw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgrabify.link&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:51:27 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
14607
x-cache
Hit from cloudfront
access-control-allow-origin
https://grabify.link
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
tFNF6J41ocId-aJK0nVNDSc_9P4K-RY6EXyBgaekuzL3vY2F8OEvGw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:48:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
39977
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140168
x-xss-protection
0
server
cafe
etag
17101759845534740898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:48:38 GMT
0Cqmw64vVDdXjGZEoSN2NjFc6s-AADeaJ1f3yoXUl2A.js
www.google.com/js/bg/ Frame BFEC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/0Cqmw64vVDdXjGZEoSN2NjFc6s-AADeaJ1f3yoXUl2A.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
sffe /
Resource Hash
d02aa6c3ae2f5437578c6644a1237636315ceacf8000379a2757f7ca85d49760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES&co=aHR0cHM6Ly9ncmFiaWZ5Lmxpbms6NDQz&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t9ds6043gchs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:45:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
126573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6849
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:45:22 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BFEC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 19:56:54 GMT
x-content-type-options
nosniff
age
172681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 15 Jan 2024 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BFEC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES&co=aHR0cHM6Ly9ncmFiaWZ5Lmxpbms6NDQz&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t9ds6043gchs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options
nosniff
age
505679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BFEC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES&co=aHR0cHM6Ly9ncmFiaWZ5Lmxpbms6NDQz&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t9ds6043gchs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:17:31 GMT
x-content-type-options
nosniff
age
171444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 20:17:31 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame BFEC 		105 B
211 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES&co=aHR0cHM6Ly9ncmFiaWZ5Lmxpbms6NDQz&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t9ds6043gchs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
GSE /
Resource Hash
a4d73bb86fff11e4634ec386619ff2c77371db4929269b8db5b841a11e4a5bcc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES&co=aHR0cHM6Ly9ncmFiaWZ5Lmxpbms6NDQz&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t9ds6043gchs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 10 Jan 2024 19:54:55 GMT
tag
btloader.com/ 		112 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28fd4537f97937a66f5fb708c99aa823bbbbcfac033cbaabd0710422b46d6e92

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:56 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:50:36 GMT
server
cloudflare
age
128
etag
"a2eb737d6a7d149e48b3549c563dbae4"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
843779868f4783a0-MXP
content-length
31599
bframe
www.google.com/recaptcha/api2/ Frame BDEF 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
GSE /
Resource Hash
a0bc8ef234af9121f388ab48a75bc4c05f6a947d85df79ded0deba4c3a46954e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hcdco2eSsfei5kguhKvyjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hcdco2eSsfei5kguhKvyjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame BDEF 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 14:10:22 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame BDEF 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
bca13f093afb3b9125c81a5735a3b12466ee2bc8240b330e2269858a8ec11edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207446
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jan 2025 17:40:57 GMT
choice.js
cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/
Redirect Chain
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Server
143.204.215.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7918c11540b6af0cacaa0f1f239997bc39adadd2386fb48adb1b9fce697cb6a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 19:45:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
4
x-amz-server-side-encryption
AES256
etag
W/"7952f6c0f58a310d44774b693b1a2700"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
nv_VEBGSR9izKHtn0rUhUTLKuIWVOV4EEaribSkqBezyflLdlW5n5A==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
date
Wed, 10 Jan 2024 19:54:23 GMT
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
34
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 19:50:19 GMT
server
AmazonS3
etag
"8ebcdf9f7befec45b5d319e4e2713b88"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
06MpaRKSiK5gVgFBUdEwRIJRPhjBgs9y9xus6PdtxZIvRYXRlGWvGw==
reload
www.google.com/recaptcha/api2/ Frame BDEF 		20 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
GSE /
Resource Hash
c27a5d30472dba14fca6cf0355b73a4209e7260a27f1b1711a034e799edd10d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 10 Jan 2024 19:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 10 Jan 2024 19:54:56 GMT
kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
www.google.com/js/bg/ Frame BDEF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
sffe /
Resource Hash
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeQMRwUAAAAAI9EqC05CqYE7JKXelwL4MhVwAES
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
125384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 09:05:12 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame BDEF 		600 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 23:35:24 GMT
x-content-type-options
nosniff
age
159572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 15 Jan 2024 23:35:24 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame BDEF 		530 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:05:07 GMT
x-content-type-options
nosniff
age
125389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 16 Jan 2024 09:05:07 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame BDEF 		665 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 10:00:32 GMT
x-content-type-options
nosniff
age
381264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 13 Jan 2024 10:00:32 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BDEF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:17:31 GMT
x-content-type-options
nosniff
age
171445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 20:17:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BDEF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options
nosniff
age
505680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 23:26:56 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 19:54:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
910332
x-guploader-uploadid
ABPtcPra_lXYliE83JlofH-FOVQhOVOvvpztjoFzaJT3T_yEtI2RzjK6zKSrOsKTMYzS8bdeUEzqYDXmwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVMdYmccYy5V98fgHUwsb5Zr8BDR0jYpPnxBx2IZ2bmx%2FOSCcUE4UMCxB9lftCt8zPBczUZgEXf0c10q07D62Juc60PdULTtdCKYES8lGaHF%2FnJ5ts3ZAUngz4CbJ6xYRA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84377989d9900e46-MXP
expires
Sun, 31 Dec 2023 07:31:30 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 22:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 22:48:00 GMT
px.gif
ad-delivery.net/ 		43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6992986845451723
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
910332
x-guploader-uploadid
ABPtcPra_lXYliE83JlofH-FOVQhOVOvvpztjoFzaJT3T_yEtI2RzjK6zKSrOsKTMYzS8bdeUEzqYDXmwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMxNkH0Nwf0FHH4XkZRRYCdvwIFj%2B1fe%2Bi5fjFB%2Fzbf2EXYyORDYjdeZ%2FMkYoS4Hw%2Bi8Ttba2t%2Fke7BNsebgdHM2bX1XZEJZtaZNpsYRKt%2BgX7gOr22ocpHNCjv3crt9xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84377989d9960e46-MXP
expires
Sun, 31 Dec 2023 07:31:30 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240110
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c5aa6d0357b62b02c6b097ded7dace2d7d73c9d3182ab4769d6d885d42df3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14048
x-jsd-version
1.0.1931
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21957-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"63d-srP1bsNqA2XeAw2UkOxOtrPZGo8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGZiag72902lIZGT6AsfRAo%2BnnhFJeNQBETXhaFctFFCl%2BynahLldOOl%2FlZxbCQeM%2BQlf%2BkynG50EVCwBvaYpoaJcFra8er0OLr%2BNT39ysOb3UcK6ExABFWcBuviXAbuowE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8437798c0bb9ba9a-MXP
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=vA3cWGR8&w=5662433931689984&o=5708166709903360&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=LrUodaangc&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 19:54:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
cmp2.js
cmp.inmobi.com/tcfv2/ 		158 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=grabify.link
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/grabify.link/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e447ee4df3219da6719b4398eb71308bd05f59452ea6324491e5cc1ff3f707ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:47:15 GMT
content-encoding
br
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Wed, 06 Dec 2023 23:27:11 GMT
server
AmazonS3
etag
W/"996d26bedab319e9c7d582033f52619f"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
avugw_X8D_brfa8FHZsMfGTMUGtgH7VsZd9Eb_RazstH6AZMSOI4IA==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 05:37:13 GMT
content-encoding
gzip
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
51465
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
xGm2TWBV-kOlxclN4UIreC3-P6tT7sEUY_Ll2uFy177OKpqJvjLPTg==
ads
securepubads.g.doubleclick.net/gampad/ 		170 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704916497274&lmt=1704916497&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9ubEp88xSABSAghk&dlt=1704916492435&idt=3513&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3Dnot_ready%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3Dnot_ready%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dunknown%26CMP_ALLOW_PERSONAL%3Dfalse%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse&adks=1711869674&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
df4519044da92ab8d07e35055830fcbdb5ffc9a5696e34415a380e5fc09f9b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52837
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
noconsent
cdn.fuseplatform.net/telemetry/ 		1 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=22688742465&cmpj=unknown&v=1&ttm=1704916497284&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=831d4d19-c30b-520b-ade1-b6d6ef560f56&fid=1218&pubid=14&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=863031b68ff006702f54&srate=100&adserver=gpt&etm=8068&e=slot-request&tenant=publift
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Wed, 10 Jan 2024 20:24:57 GMT
container.html
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1903 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:57 GMT
expires
Thu, 09 Jan 2025 19:54:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl_page_level_ads.js?cb=31080327
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
095f3056fe0b1444bf1d15d9ed841ced55a0f20c48b531bb00abf878b61c274d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:58:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
39371
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13831
x-xss-protection
0
server
cafe
etag
4498079684702950285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:58:46 GMT
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://grabify.link
date
Wed, 10 Jan 2024 19:54:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ed5fe0679d21ebb66bcf48897c0fe19c6b42ab4169babc6bfa589df5b10310c3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
an-x-request-uuid
e33f5eec-0c64-4ba7-9242-7415ba9fe093
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://grabify.link
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
83.173.209.251; 83.173.209.251; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497314&to=-60&aun=fuse-slot-22851126297-1&maxw=970&maxh=250&si=276300&pi=3&bf=728x90%2C970x90%2C970x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
94ae356754546254db594155d7b423b920a237d367dfebae35af67a5fa1b11bb

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497315&to=-60&aun=fuse-slot-22851126297-1&maxw=970&maxh=250&si=62833&pi=3&bf=728x90%2C970x90%2C970x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9e9e87a8dc7c0571cb208d47bccbe8f9e6c505c77a0deb992f4bb753b8036b73

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497315&to=-60&aun=fuse-slot-22851126297-1&maxw=970&maxh=250&si=62834&pi=3&bf=728x90%2C970x90%2C970x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
65623973184dd1b2d95ea6ac7807905cc3355ee1cdd938a451d337688f1690b7

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497316&to=-60&aun=fuse-slot-21820773827-1&maxw=300&maxh=250&si=62830&pi=3&bf=300x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1e92c8948a71a4b8435fdc957984bd29bf2e158bd04f9fbb631b416aa7ecd0c8

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497316&to=-60&aun=fuse-slot-21820773071-1&maxw=300&maxh=250&si=62830&pi=3&bf=300x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f827590e45ab44665694d4a65fa9d97907f56f61bbf1b9830eca6aa24d9f00fe

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497316&to=-60&aun=fuse-slot-21820906291-1&maxw=300&maxh=250&si=62830&pi=3&bf=300x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7cbf453d798d89c6f09c21a8b7a9fb4105935908140f341ccd4a850b571bfe3d

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497316&to=-60&aun=fuse-slot-21842489290-1&maxw=970&maxh=90&si=62830&pi=3&bf=300x250%2C728x90%2C970x90&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
894c9cfd847ba9231f088cfe0649d2aa81c38da89adc413c36a3dc39b10676fc

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497316&to=-60&aun=fuse-slot-21842489290-1&maxw=970&maxh=90&si=62833&pi=3&bf=300x250%2C728x90%2C970x90&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9000a06682403f26d74736054dbf2a1105a8f47de6dfedb87dc2b7b239e92d04

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497316&to=-60&aun=fuse-slot-21842489290-1&maxw=970&maxh=90&si=62834&pi=3&bf=300x250%2C728x90%2C970x90&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9610d91b2505c3f9fbd010468a91459fceb859dbd8e43c70e583645b609c7a80

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497316&to=-60&aun=fuse-slot-21847076120-1&maxw=970&maxh=250&si=276300&pi=3&bf=300x250%2C728x90%2C970x90%2C970x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2696d11bd83d1a705038b931de9c6a8e95e43fd79b3b6999fb7b5ad20429472b

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497316&to=-60&aun=fuse-slot-21847076120-1&maxw=970&maxh=250&si=62830&pi=3&bf=300x250%2C728x90%2C970x90%2C970x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c9c112105553d821d7df56e2670a2dc551c7c586561650c73b90f3c1e1f31062

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497317&to=-60&aun=fuse-slot-21847076120-1&maxw=970&maxh=250&si=62833&pi=3&bf=300x250%2C728x90%2C970x90%2C970x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4ca438c5c77001c3baa59827265fcf28cfba2909df0d730356cdb8523eafef06

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704916497317&to=-60&aun=fuse-slot-21847076120-1&maxw=970&maxh=250&si=62834&pi=3&bf=300x250%2C728x90%2C970x90%2C970x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&ns=10240
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
35025ebb992e9ae52824cf5e272b7213e1424f9274b8e23ed53b2d32588c31be

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
hb
ssc.33across.com/api/v1/ 		52 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dvmK0GYZmr6AWtaKlId8sQ
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1ea7d896f41826cb8a2b63ae74f16ea0b280e605370539c3a2ba623f28cdf774

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://grabify.link
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		52 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dvmK0GYZmr6AWtaKlId8sQ
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1ea7d896f41826cb8a2b63ae74f16ea0b280e605370539c3a2ba623f28cdf774

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://grabify.link
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		52 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dvmK0GYZmr6AWtaKlId8sQ
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1ea7d896f41826cb8a2b63ae74f16ea0b280e605370539c3a2ba623f28cdf774

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://grabify.link
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		52 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dvmK0GYZmr6AWtaKlId8sQ
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1ea7d896f41826cb8a2b63ae74f16ea0b280e605370539c3a2ba623f28cdf774

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://grabify.link
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		52 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dvmK0GYZmr6AWtaKlId8sQ
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1ea7d896f41826cb8a2b63ae74f16ea0b280e605370539c3a2ba623f28cdf774

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://grabify.link
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		52 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dvmK0GYZmr6AWtaKlId8sQ
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1ea7d896f41826cb8a2b63ae74f16ea0b280e605370539c3a2ba623f28cdf774

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://grabify.link
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cygnus
htlb.casalemedia.com/ 		37 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=371046&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2236dc3378a0ebfb7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A13%2C%22msi%22%3A13%2C%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2237d221662fa6638%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2238d3ee55bbf8981%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2239fb2855f5cecd6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22405d4930eb1e49f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2241b26b9c2815542%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%224239a779ad0b45a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22371046%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22publift.com%22%2C%22sid%22%3A%2201DS4VZW7FKH0BACQ3CME9B5K7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77c93ffea4131e015a9f071744eb997b65bda488834510efac7df72009134f49

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIQEO6ODGw8JcCKvAr0EeUPJuUggLWpTpvL4ZSvyAEDovi83fYcs0TDsVVt8U8AcaadnyTnA2%2FJrvBBWVLVuQ%2BlhFiejHbKhdGEgQ61Tvow3vFYahgrliYx%2BURscPmIXC6kvhFTS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://grabify.link
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8437798d6eab24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&tmax=1500&gdpr=false
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.58.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-58-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg-apac.smartadserver.com/prebid/ 		876 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
9b5ddae69102aa426017582a473e0eee873a17358630031c94818bfbf1bc005f

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://grabify.link
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		933 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
051dd37d5fa5cd6b4aa88b2eb0c26fea5893717c938f92106c9d8ed66f55e8af

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://grabify.link
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
d07fc9ea3fd684b11d7bddd0cb4ec188e8c6b5e119de8ff6511d0d2a16a34144

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:56 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://grabify.link
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
2f95e7d1f5ce4a8c3ddcf39809cfba9e024255b0200c015482b7405bccf21c13

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://grabify.link
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		1007 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
29d4394c58c409ee52b6e3d61d01117819fc8ccbf9cef8a24123d16df443d84e

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://grabify.link
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
f5ef4b7e387cca4f9890c187bece4b126c43dd22850f98bdfa57511dbea3e3da

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://grabify.link
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://grabify.link
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 10 Jan 2024 19:54:57 GMT
bid
ap.lijit.com/rtb/ 		25 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
95635cff5d46677f348c8953f0e9f6d785f783ab2dcf0a53af7fb6649a145c4c

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Jan 2024 19:54:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://grabify.link
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://grabify.link
date
Wed, 10 Jan 2024 19:54:57 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
121
server
envoy
vary
origin, Accept-Encoding
v2
i.connectad.io/api/ 		153 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.54.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349e73c520216b45426d4702078175eb23522185867797d0de20c56a92960eaf

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://grabify.link
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8437798f4e1c375c-MXP
alt-svc
h3=":443"; ma=86400
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=96066663254
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://grabify.link
date
Wed, 10 Jan 2024 19:54:57 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
aax.amazon-adsystem.com/e/dtb/ 		249 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&pid=yHaccuOzb1GNa&cb=0&ws=1600x1200&v=24.108.843&t=2000&slots=%5B%7B%22sd%22%3A%22fuse-slot-21820773827-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F71161633%2C22547847029%2FGBFY_grabify%2Fmrec_1%22%7D%2C%7B%22sd%22%3A%22fuse-slot-21820773071-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F71161633%2C22547847029%2FGBFY_grabify%2Fmrec_2%22%7D%2C%7B%22sd%22%3A%22fuse-slot-21820906291-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F71161633%2C22547847029%2FGBFY_grabify%2Fmrec_3%22%7D%2C%7B%22sd%22%3A%22fuse-slot-21842489290-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F71161633%2C22547847029%2FGBFY_grabify%2Flink_hrec_2%22%7D%2C%7B%22sd%22%3A%22fuse-slot-22851126297-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F71161633%2C22547847029%2FGBFY_grabify%2Fscrolling_sticky_footer%22%7D%2C%7B%22sd%22%3A%22fuse-slot-21847076120-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F71161633%2C22547847029%2FGBFY_grabify%2Flink_hrec_3%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!publift.com%2C01DS4VZW7FKH0BACQ3CME9B5K7%2C1%2C%2C%2C&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.239.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-239-116.fra56.r.cloudfront.net
Software
Server /
Resource Hash
03bb6578455e42604d7d7c5c216591a23942b6986d20a60da8aea895b7bbcd3e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P4
x-amz-rid
34ES8JTNHE6VCTEV7YZG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://grabify.link
access-control-allow-credentials
true
timing-allow-origin
*
content-length
249
x-amz-cf-id
uAfDiCNEdRGQlIZbIYLj9mqLVZEoPSHsl7nYB3bmJVXgJ4nOwNEazA==
map
bcp.crwdcntrl.net/6/ 		235 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.58.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-58-229.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
45e828ba57984706b3248c6355ac48302906bd5bab647b32236196939c4cc75a

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:57 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://grabify.link
cache-control
no-cache
x-server
10.45.8.26
access-control-allow-credentials
true
content-length
235
expires
0
139.5.242.75
glookup.info/api/json/ 		196 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgWk9DEDDh7bQhW4w6RkKT8kuTCsrZ6o5asa3zhwnR61EtMcAMaFQL5ZWf67rCXixFl0tknBeCmsO0nKepo32BZo3S%2F78QdDAU%2B1JvRboMNY0FMNFIIdgYLwM5hBgME%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca5dbabb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32oc%2Fqj5KRVW9cjOLQwwwrM4%2FlizFNxjaf6yYKxyXc32H3ZODQXkqblJVP2eB3%2B%2Bav3qOq7NLjboVLPSXFe8hOiQu6ev%2F%2FhyCwvxSglUaQ%2Bqev%2BBNqGae5Bqp9pp9Wk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca62babb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5g2QpJ5CdLr8Yv%2FufkdNsTzoYynMTEMz1jPsFzPAwgYLIj42VQwr8msASkzuCKIkNROdVcBuYjRLnXZYW9XIdTCLozdtPM%2F01qAVEBzOCBVBowtiq%2BfBEzBVctIDsRs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca68babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfYSyhxL4qGZwBvsLnY6VC549zejhUjxCeRNv6Ylc1TsFn2Kq%2FQlC8qxCxb%2Bu4h3oQguBzbROz%2FioQ%2FcBJ3gdp9VnJIRJrHgZRGAGG3rUYiohtKkhosNDOjgr2onVME%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca6bbabb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSJVY7Z7prNMeQFgvckc9ScSUStaV9OQIrW6kZkW7HYCWmN19c9TtlVbc52M%2BsEt%2BuwfbRdxhEs49lk1fXnEB9zCS8OmFLa38%2B%2B5%2FByyMWiWYSR441RVgMysloS7woc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca6dbabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FofOaAxdeFzGyxcRBXZ93VFoAIpJx%2BUVvwHKIvzd1rPW0OeQp8VOLUR6%2FGxa6sKPsB%2FZrk%2F5%2Bgm68KEfo0GejNWLfepTw29WtXt777hulVRPlILBuj27WruK8WKIU5A%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca6ebabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FNe3D3LZMG8289LnhZdGrioV%2FoeikaU%2F9cxOt2m6%2BSAHT%2BiKFhDlletOmbPOd%2FDnLVSdlo9g3mIJd%2BZ2upWg7lx45wzYN5Ye4K5NoedW7wcmwaiFie8mqOb2frRNGc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca72babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecEpp3mTK9WsJ1GNwQnea8vf%2F%2FlttG09Rbojbsu1FK9by1nmUPHkipx4oDuttKsnUMqLRIHHnuGdI%2FTfcxYsPmMec%2FIagekHQNvMeetTMTWNNvWp8LmOkzFKTOMul14%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca73babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFQnu9Tjammi5zjvoclfWyUveP0%2BIw2RvtunWg%2Bain2xUej9DEwY1qURAow08K8tYyASZRdtQDZe5CKgi0Bkapnh8zBLrpbDEvKg5yLQKfEVLlgK4m9Xgd8EovQ2Pjs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca75babb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXQSI8V3SmS1QVvW2AhZwcyWPmx2C2b7iINT%2Fm9t7YqUKWCV94F0wDYZz7Ja6zmZ5YNPshWG42h2Y0sb5YGzKB6cHP5QO5U%2FN5Mjajl1KRrq6hUqmu9JtbcARVGjECw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dca78babb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkK4DkkGTdBoSFvo%2B2U1Lq4N1k4LgtgU4ikY%2FPMOQ4IUj2pV8tYUaUC9ydFvyuIGO4wolIxx45ZOQ8kWKfMAORlYOLaQzSA39Uz%2FLkKt2Eslwksx2b4zSSx7rUXZH90%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798dea8cbabb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5omzO9YSwlTRn6kQww8qW2l0sSQu8PhNnmHi%2FbYB82IyHoEQU5sn6tkSZmYMCBDbl7ethmpzcm2TXZyuzGb5MQA5%2Bm%2B8oUzCqhr1Otr0TEAaZ2m9lBIL4uDuakXB%2F4c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4ba7babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hE1EI9ioIC2JFzlXjIVdlARq0189nQbGa9pmFwUzZZRklUTIbCjHXmSPKWmS9bCOamQkPbaN1xhMpp5aHCZ2Ucj0iMeGXhiXHEjaiq7DXUe5WmljIxQdfCnaMZfK85E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4ba9babb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVJ16dM5ReeBR4HDV0ji3LhiDFy8xk3eX70ZWYAXBFcPS0dQl3N2A0Ri9hM%2FYx%2BCZs%2FmiAz3aGl4LI8EP7kFYYN%2B9GNM7%2BAVKRqva8cKxrBy%2FDTHR6QpPNJmmCmQcuo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4bacbabb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oGyR7O1C72nTpiAA4F%2B1cHyJfo%2FmWZ7Figwm4RKv6HYol%2BcRliNxTQ%2FqgoYxk8hhyNjwd7pbrSkZSkc7e8KsFaVGmaWTEC%2FYUG9UWLOotV6bi0tDNg3qm1Z4613NUQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4baebabb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E15HvltYVTK77SJVMzENtHp3iiX9wWjSf2GuiDLUzYnGXopzZkNO9g%2BPk9%2B1eokEy7VDDdeHqnN9%2BpLeZYKKCdJjdoJ%2BqP2YjRa%2BhBczUZ%2BQ14jDGpJhpPfn%2BjdDqBE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4bb0babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
623 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it0WRaLPlRAfkjbH9WE2RNg19kdKwss0w6Gsq4UC0PBge%2BaWHMxakF9MHOmCQoZgRj9TUK9inV92A81fjIFV%2B9qhejiHjTeYVcEE5vxk4jOk%2B%2FnPjvVYuqEH2vDvfkg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4bb6babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIVnANtqCJwy8F6juR%2BsgK5cOvxsafHLuCVrBMAHn6sPBOw%2BSrlAoGsdcKcvtLA%2FB47LCwnur4oi2JPYyapp4ES%2FC%2BAJ1oc3%2F9TdekLBfnAdHwhjbKkTFsrCoOb2j8o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4bb8babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlesR1CPzBAAJ1%2FxlpFpQJGcLXdwITRvRp%2BI0a0BmuoBTH4KGMJ2GXQoSTgbqLY%2FNL%2BOfgQ%2B3mJ6B%2Fb%2BcbQopTLlIKPRKkyJ48bH2gFvjgVM7n9g034yKoRI6XhIIIc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4bbababb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imy8QN%2Bgq%2Fy%2Bg99wezonmgL6dPIRNauIAs%2B3dg%2BhwX3YbUdYcbbk6vHTjWtKbhkuV8UvC9pZ2%2F%2FMeHtucaalg%2BZcphyXBDJ%2FaVyLbrOnpqSU%2BN8D3dDj9kOWfKg1V9o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4bbdbabb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1Rf%2Bv9aGszBevaSgdnmRog6r2rySd%2FruQl7AxPrKXs5WCcO9aSqdXcHVQ37FSqp2r%2BBnMfFsPLaQIe4Fjp0P3vg02Hugh7FjNdv%2BFZ%2Fu98XNDW0HwmhEjm7wAIkFTs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4bc0babb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M%2F4vGR9H8O4J727MsLFbBrUnZnIgDKmIsFrlh%2BiLvh8IYe4ahAm3UYdoir0lYeRN4YclFlo0d%2BtETi2F8HpjMCyC5uoyXi%2BzjgFVW7GhWLLj%2F0EvNV%2FhmdjyjJeIHk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798e4bc1babb-MXP
alt-svc
h3=":443"; ma=86400
container.html
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7831 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:57 GMT
expires
Thu, 09 Jan 2025 19:54:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
139.5.242.75
glookup.info/api/json/ 		196 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKXrlIHBdmRQeqzI6xiasmOh9aW775QUrL3fRld%2B0v%2F1A8dmCoevn3ldtup3C%2F00LgfrYvaDx5jlt%2FqTt8OHDGMddn2QziKqfqdlEtGvphTCMP7CiHmAvomp3wNwboo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae1dbabb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cXoMXMK%2FczE9OuWEiBMmIMHPQuqS7i%2BQ5rhqUBDBCsXwE1njlBGd9DMkRWTCsVAV4YBc5F2w7V0wxcUhHhywC9f22the5hC68EjpNx7xJh8VKRklSg6OsojtHVZORk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae2dbabb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqGxJvobN9NfaCcuTTEmgfDZv9H%2BghnWZbWBuLy52B6TRTmF5SgDRlWa7DcgSjgC7Aoio3djn6hgl30LhnhNJMp0yOSZ1jNSrlozMaCQpWUAi1GnfrMd9MQKD0jdGjQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae30babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
412 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyl1CAz0bmX008KTSFC9vPyOWjdaotai1vxfanU7Vb3Dh1w6EGy8xELHnQkSpprmNELpUcfggCIv8VaANEg6a5PR9HYEtdlvuvY1pzCChEGqQegIztEbIra9QcGhClI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae31babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXhjKGvTncCkWfwU3faMvpc8L4AWnH%2BR80S6GndBtjDfuLOsFpmDQxh96SCp6lPQ2uyktBSAlf0F4m56xRUi3aZqUpqCRbXDwWo%2BrYGIgVD7HjIyHi2%2B3227fZtS4SY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae33babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug43YiXwc2OADDjQUn8102NDrKthxpC5z9SIGl0RlyDq2QeKXb3TEGUXZkbtOLm05MNH1GXg0B6eBMtQsqbnwvkKotxC2QAZJcRBWvbDXB%2BuFY8GAs1PYsqT7r2drik%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae36babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmO%2FcGXS5TfaJTiPmhUcMutDXv8%2FcJDm%2BiquzFB%2Bf1%2BrkWMIUk%2FPst1Hzb5ZG%2FzegHMA7gaInkX4yOVjE%2Fvhs%2B%2BnSLVKHJLzBJascSOEI6mRv3wE8WgVBTK2uLpS9m4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae39babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
405 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ScOhJAXR%2FfPbiToWeXPk6Ayl3VqRlXPHSDuXlnRP0KndTnpl6R3bFAdTNnRPJIBv1kbwKgpgLflzz7Yym719dP%2FEnhURJ%2BMuBz8DBTqauGQXpgpGaKn1TbM%2BqxyuL0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae3cbabb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0L7HnUQOjrYvLGL%2FmEkjoY0%2BP8IpLqR3Fa9CfqpiYDtHuXIbtfMyA0a9Wq%2BsGOxhGvGgsVr9jVThfFDdAlSxUPxk%2BXsIMnkLdAxJnlgZasdho9PQcwitEEKUDAdJtY4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae40babb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZYjljokYoMbUh%2BV3nZNMVgWPsWu2bHc5Xt9v%2FBfNW06XfN5V%2F9amcvs5kHdyZR0Y7%2Bk5NaqSjimqB6559MHp7WUDD%2FFvS9DqHwTyVxUCPzB2wFeB7yiLUHV6nFjzTc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae43babb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
622 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6qmOQ4uSNVL0KeJ3jNodywyii5Rzph1qVFE2NmIidURAN4gbtmyjHZr6n2qIDlbiwQfFFHx4ZxjlOtfnnOlTHyGd9XIjmr16yfTdC6hhQC%2FIwT6dQQxEgBAdqBANa8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae44babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHpsOyKHTAXMKSJPLNhM8ByevpJT6yK3kEF6mrzxXPOM97N2Suj4mNunvAchyqQPeQBmENPt19U%2FCSuqj7iIzeGc5uUn2qGeqsUm8aFJCRHgs%2F3Xgio8iPDClziGB0M%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae46babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMBKDRQjLjLE8E3DppsUY5twzKZX1W3s3mlZc8d6B1ZWNPyXlhyq1kAiSJG74mRS%2BzS8XZgHynShFudzWkl3JBx8Pi78DRAoJqdqZrAxKbTF0t7sdv4JagiRjHxD46E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae48babb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGyK124v6cqCONu11z%2BzerhlGyj%2FOH9TOTrJAeg%2BREehW8UQoj2wh7D04A6%2BXidJUhV%2F%2B3PbzNpfJQA6VvDdTJWy%2FgbE2oLVAeQUMKB4kWBd7eZ1hgf%2BoaaYtCtqboA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae49babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqy7LrvUy7EW3w7boNiB4z%2BQ7ohO6i49RpQ8ImoQld9S0wY7S9QtnhRCXSCAFEAvS5oGxmS9v0jDu11CACyhM3ht7zPqLU40kiY1xwqe%2FpzyVSDYfiRgsVanb%2Bil2W8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae4cbabb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5cvIVqNaiqIWcdsDBjHnUo5nnGhc2RTZuHanFwbGdNa5yI8QXfUa6O2YN%2BNjQtHFfdU6aGRJCuvFE1HEBHe8lipn1xO3HYn1WVbnKfMuPppLdS4Oa46y2cmTfhnPyU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae4ebabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0I9NqGNTasYyORKYXhme3KYZ0s8zQk%2Bl3NqWHPpR02sSL3eAKyF8AXrq2goqQjA6Ch3ib7O7RVKd6eWANC78EDxe1nLNtgoF7qa%2BP8HrMtGfrCy9XExeZKpa%2Basn4lo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae4fbabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndP3yEmxy%2BTvnoLMa57AcWsVScuNA1EH3Jv1F1%2B4yZLU79TUWgl4Zpdclo2042RuGwC9t7tRaScYAeJYl6uGMH8pd7iMd6X0ZvRrGs33Q8DRTza%2F5knsunbiePt01kc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae50babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtyh%2F8mYmJL2UfAFMolHTl8sUAe1QGsLnD6FGMQUo%2BUOuXHQtl0T0qhPHLkwKGgDhBT4%2F2tBPJfGrvre66AIX%2Bc3qOSjBExkkStVlLRuYgiTkHtc9Y2yGhrcFvl0iuU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae52babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
566 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cd7FoVebyePeXxE4iy2c%2BrqCAkRk1aJlEPpwZ%2BCM7VobHK3kVZJOZq%2F7o2dPUPmmBzq4D0cZZ%2BP%2B77bsRBXUPm7ZaFzfJN43sWlm1v%2FJVRLS%2F15oZoIHWgvDsqprdA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae55babb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
435 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIvyZRAIS2qlwUHKSfRdxiLWykb%2Bw7mODpIwNKXABwkCEG7oenJUktZfgPMqd7RxcyXB7ZTKsJ2NA6nh8sXMicbscmlBSeFGPapAmBMjrkTxChwFGyoUxfE8Tk52H78%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae56babb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvnWxGj%2BKaFC1EDRpH1yqQZZZSEzElrvPyGKGxilWNPOGah0bjiIv4cTT3uZAwgJMU1RjzuG85oIY8GKZF9jpfgX1eiIuvu55APYtAn2djK5a7U8nqSu3kSlwChm2RY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fae58babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBJgCNSmH2uQi5SSlfSl%2F8wS5p9veTKt%2BviFIzpftkFmq%2B77zxwLkn468mSd0Dl2Nd0u1TMa%2Fi60DMjsOsHlcBJ0v2SAskwXxmjrefqBV4yrN2qMfpfisLdYBngfcWA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe5cbabb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
620 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13CJvvjk6sg4h5IrWmoPZyRxdN0ups6rJCjcuGhyJ7ztS7WMhBpJtVoqIJGuPKov6p3W2mBq5cfBXmVTA0sv4U04O4SzHmVfki29pjqEvghRTObTEQe5aZxeomD36tk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe5dbabb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jf0xP0R886lQ%2BdOfjFes%2FMMqaiU4PrOJsT9rAna%2BiP7VsQL3WUd7L4T8IUHjULz1lYgeY2GbqeMIPQ%2FwWwpcDwRxtIauLP8ki37SRhrR36RUId%2BahgQrSdijKywM8is%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe60babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
440 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnXcKx%2FySD%2FM0G2%2FWkZw9U6wwonbddXthInvd5fCLqTb2WMpdEXjz97JRiL%2FepHJUyTeVAPKJxYCSslzzeV%2FJ0UKWzo20eHI0WyLUo%2FhbCa8EAhDvqMtfLGJ4O9oz24%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe61babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUJooVoQgIGcDMCLaz1mYGNQR7XUhQGNw0AeMNsvAHQURhtrgNKzZtk4L9rxl3lmsBuS4jzQyq%2BSV%2FxqtbkUmZW0%2FR8kxnLBqfwj0%2FyTF2Ugd1vwtHy4D3ZcWR4OV9I%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe62babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEGe5cS1Mwh%2BYKSQpILar5V3bTcuO6dF0wc8Z5TyPxqj%2F9VYxpa6vbowyr8rJJXVmveV%2Bgix%2FkDXf1ElRUrWjs4QYvTlQzmG11ifVITmX4f87cFwkC0q0z13xsgkoxk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe63babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYOY2qq7SuL1pwtAoavWz%2B7fLpiqnJYs75nlq4dUgxIjZ6V6kJJBHP0EIUensug6ORpijCjUGxfGNNaUJeuPiI%2FkgZEcbLNaurds6%2Fe2mlyxoFzKm%2BBmJlYG%2BsDDSn4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe67babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGm2%2B5cxwmqBRF5B4rN8eA4IYz5WDGJC0Zo3ZNfxEP3fSC%2Buq%2FcutOUYOB1Ugr5QNQq5UJTDW0Uclc%2FeqWQp9AHw2gcRzvke0uyHQt59wn4xJyNRbkUulQYnoD8adiI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe6ababb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bggE11xHsgOQncSIlZh38Vxn8o6Kk78J3tkl296TfI2fitsnJwa4g4dDnAfsx%2BciKEy4TCEI4UXkbkWag7cTkGuTRsX3PCVVZXkgR6uuF%2FSWxY8mPLsVtIaDu76z6ps%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe6dbabb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Axj3sBh4F6YZBGXwtkSmt9j%2Bjku7887kOegVgL%2FO1oSUTtfeogc%2BihEXuAExjLDwAQP0V1UmCbxmN47NJQx0YSrg1KGoNmPQGDzpR4tz%2Bu8ljHiYLoqQYf3CpmxDWZs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe6fbabb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYwejc%2BmqwUX9PeNl8N1yVYjQk0Q2cWhJ361XOOhN04SgbKv4EpumD3zJoRaLpgXZDfvC3xc9mfBJ2Xcx1%2FoA9LeLwlbjDFSKvFBbYQm0s4TG0XMNlj8DSq3sDsRVJQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe73babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bt6ynRlO49Q3NINQE%2Fc9kq4AN%2FoO5e1cmcPNk5PlQtwrCrnqCtm3So%2BsbE1KBRKXcU%2B7Zb8QI8lZxYPD4vRiqiNAUYgAzsyJ%2BBtGlysSbJ77%2BMia%2BdyUrTJEA8lxq9w%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe75babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjTiD2VvN29nGudJL6xpFi%2BMiHy41kl2%2Bh6ET%2BbCQvk9EOqjvz46fjGtRJ9MtfehTwtfJ%2FnwJTE7438p1IxmJRJRz3vlXWXTte8nlEhoBQE5hQYccfPF1DnOX5V5m9Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe76babb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0EUqrgy%2BlaeSJi%2BcIpa5u90bUoVX2OaUtLEXKwdxuZAdwBnMjKE70z9mN2iivQRiuu%2B38AVDwI4j8bTicG8AzffhBotSZCoEklPupr%2BvZ6TKbDlKS%2B3Q2UsRqkpBIY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe79babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnRjnsCxxrylCf1Z%2BASQzDZTkXICW60A5fnOM8XO8Ndpf4tQ9I61jGAUjK48degSrvX6mhSzqm4yK6fGLq1q2GnXElOGG0CIf%2FSv6IiE19PGLgUF9m41yXn9Hf%2BKxbE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe7ababb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeCHNINfNVVPaQbmMeRuPXRlDtKrLIiNreBroQzYis6apXvQRk8AwKM6KjD274C39Mcw0rUmiiqmjRCedmT7psGAzjLkPRBcgUjg%2BD8MsVBQkrFU6AQQ2AJF2c3mDxc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe7bbabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
418 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifOfUJZh9FZLbt55YG1TB25F66q8u54Vek3NRR5p2pObSPQZn19ue8zuVFMM6u3dnfWrlqLjHtpDQMSgfXhgxqCZPcW%2BrUY25GySfFeOwNvQTpUfNug%2BXIkhVhc69bQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe7fbabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DITEkrJFlclNlFqVCyBiMbJKCb2VFUjieQBhcxvfjaKaFQksHLQgz7c67YqY0O3cCiNkS9R8DhQSpUk%2BYQY7cHtClHEtE6%2BmyWlHEjIUGKvXiutQfgXoFkh82b4ftKE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe81babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
407 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k67P3ZsOnu5vg5c4fscrH%2B%2BW28w3eq%2BBEcQebkSZZYQHEfPPfwxYTtNPQOAm8BLn%2BBDqYzcOxph%2B99lpXObEy8XtQNk5y0EpTxTPjQ0aGvXkn9vCWo5SZSlXN31kPs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe83babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QanVzNSAkHGRzWTXh%2Fi%2BChWAvAIXfxMHfUkJMtBF%2F6esYtNsk3GlQEYwP4r37dHNrZv1kOY7Ql92wKD9OL58BJSxGSNEIh7QY7fseypwhFJgQ5x3x9Dfa2NWM76n%2B84%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe86babb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzeRsgTgQGT%2FLcBIc9fcQr7JNcK%2Bx1mT5g%2F5%2F2vF9xtdIVlpFleZ4pmhgr7gCEi9sB02PRVD97WXuctYGxIfwUF1O%2FDYyTkwrt4C1fDt9DPQKmP9bRbPALbQa9OMdFc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fbe87babb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqHErksYC%2FzspZrzhxxMz1OdUO105DDCq6bjSwfCGgEtNp%2FIQp4YgmEaHOi3IYXnNRd6kHQgpkKlgDPe6CYnWpIcXqBtb6M7FkY8PJlMNiJh8b7TX%2B3ARtNOqtC8L1Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
8437798fce99babb-MXP
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ Frame 7831 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f138.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 19:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 18:49:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 19:54:57 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3885 		499 B
789 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYnqCDggIwAQ&v=APEucNU-5JV44__99TujYmrn13UF7xHyLjslsBxyLpx4o9P5PFy5KeOxHfYvoP0tqLDkW3blueirs4-mCXktXA08e8BuK9sR9JGv5chmXFjpLPqzrHziJp0
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:58 GMT
expires
Wed, 10 Jan 2024 19:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B41B 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 23:49:04 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame B41B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:04:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
85858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 20:04:00 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame B41B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3978
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:48:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B41B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
108342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame B41B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
31362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame B41B 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
38834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:07:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B41B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B41B 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYn70NyX5b35Ra1oxrSo0yLSPFCv-4JtHYeSIKJjc_xaaJdtaKXwJslVEs0t9h0rlPJbuYZvyqOS3GQzPCujZrOgKsHhHS1ZeF9icvFAsrO0VSWjg
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 7831 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:31:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
84211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 20:31:27 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 34CF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-...
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-...
419 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7819fd1f26d30293d552d59793e00ff2c402b3521af30a5b7ba6be3873d55984
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
419
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 10 Jan 2024 19:54:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DZMAETE2B5KP0PD67YF4

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 10 Jan 2024 19:54:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N9EHNM34VKDPVC9XTX7W
139.5.242.75
glookup.info/api/json/ 		196 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIsALQBywrb29ZXnsCm0pn3O2RUODQuejAABVVq5ochckJOfgzHxWvQ1OvEHnYsVotAsF0xCgU%2B975I9IeW4u84ZMxWe%2BF2nNtV47qv4XaKkjNB0jCG1j87itzYk8KA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779913947babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PSOR7j4Lb5t%2FwwYxCT8T2n1ho4XgmVQe7aOORMdelP5KJ%2FmOWXoyYpCCSw6nZTI03AfcvJ2BUKI2zipsvm7%2F0ZBX9MwcqdII5NwAWREXs4taNdaZxpuRREkwh%2Fbyyk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779915965babb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZF7SqX%2BbJE0hAfuUSXFlaopYMMwnGgzpmNjiSrx9uVMYeiobnJdYcqDOIDYaUO%2BTJ7vPKh7edyjNonLGfdQwiHnL0TMmqr62XP9NX9iHqR6l71bXltNiOlOgKEfTRI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779915968babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
440 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Fwq1IeAKHh9dzc%2FQ%2FCfpBkOt2%2B%2BV406M1U5N1XlTLcFEvcfDdqGM1%2F3WLVdJ7QwHFXhzBxjZwleCuxZCZXgBkYC7SVeHpLMwXsJ4ENKkxg8j2LFjJetnHFSSYWTdUg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377991596ababb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
418 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1IGJWnGV1cCEohU%2Fm4%2BOY00bVSaSF%2FVcVn5VPadHD8xn8VVzEf7YhF7qj21XKBb9X5cYoaYIfLtDpByHw2mgMnEK6cMR1fg89HtUmfdzIp3Y8kEDuK3kxLy99PnlH0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377991596dbabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkOW3criM6XZy5Ot%2B6r%2ByR3B8IywnZYKj0Lwn7JH3k5Pxq%2BALe8vKFQigrQXz1X7hsE0fTiMcbON4vCkGkw4T6FR%2FKoaRIQXcYj75WOAWxK116tjHrdv9228kumqyEI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377991596fbabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2Z0YD%2BJ7y6saTDLxxSyQQss6g1GGJqZEaMoZAw%2F7veB%2BGqeWUa%2F0joyw6cOO9rjTIo1U7WClf3PrJnJ6UAivG1dZuqPkU5enYPwYMIKt8z2nhq6HWnd3wuOqIaqE%2F0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779915971babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
408 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ijojx6jm0jJFfTMv3rFFN0zdCkdHHxLExderrB4B3TqlKbSFAKmoGl%2FZCvNZ8gNKeSTwIcLZJbDOrQK5d80RvAPGzfih9nlnF%2BJpZMi%2B0d%2BJC4ZaaAgO5VLT3mQAZzY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779915974babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxVwStARkzSjhb84qig8DGNuYzhinjrFKzjcZ%2FVxrFytRS0BoPEwZgZiBdR0Uul3g71g6iFUkWb9wpCpQAHKPwQGjH4gGmHE2nIDdWcmSDz6jaIQGcTUE784SACqur8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779915977babb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wF4%2Bhx0Ay%2Fp4nNA3j%2Bjq8sdeLKOHgrG29Bwob9q7PHNFK7jiaiSsy5ujPSPuagJW8kRE%2Bs%2FezJK%2B2yIkeb46l60Cted1Ni9eMXmEovWS4w0IwtyjrqXFuyVBLmVkr2g%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779915979babb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDFzfWyu%2Bw18aQTq0tmxnWAyQi2DBaoCFl7f%2FzMeq2Evdc1cKq8YPiP7RvjTAYBmzDp9r9IeCPxPUF1q%2BOpJSQZMEatMDsg%2BsS8Qghqm57247UU1FGQuffSK%2F4%2FnIj4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377991597ababb-MXP
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		406 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Cmrec_1%2Cmrec_2%2Cmrec_3%2Clink_hrec_2%2Cscrolling_sticky_footer%2Clink_hrec_3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%7C728x90%7C970x90%2C728x90%7C970x90%7C970x250%2C320x50%7C300x250%7C728x90%7C970x90%7C970x250&fluid=height%2Cheight%2Cheight%2Cheight%2C0%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6b1d51725ff6a40d%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g&gpic=UID%3D00000d3f405cc44b%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w&abxe=1&dt=1704916498316&lmt=1704916498&adxs=326%2C650%2C974%2C650%2C436%2C650&adys=378%2C378%2C378%2C817%2C1220%2C1887&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C1%7C2&ucis=2%7C3%7C4%7C5%7C6%7C7&oid=2&tos=~~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x40%7C0x40%7C0x40%7C0x40%7C0x-1%7C0x40&msz=300x0%7C300x0%7C300x0%7C300x0%7C728x-1%7C300x0&fws=132%2C132%2C132%2C132%2C644%2C132&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDJmZjlkNWVjOGM1NDUwMWY5ZWI1ZGU2NjIzNzQxODVjYTAyY2Y1NDBlNGFmNDg4ODNjMDdiODM4MDM5NmFjNDcYpevEp88xSAA.&dlt=1704916492435&idt=3513&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D113a00d3e7196414%26hb_bidder%3Dappnexus%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Camznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Camznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Camznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Camznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Camznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D7000-7999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D8000-8999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26zone_count_above_vp%3D4%26GPT_AUCTION_START_MS%3D9000-9999%26CMP_LOAD_FINISH_MS%3D8000-8999%26FIRST_ZONE_MS%3D8000-8999%26HB_AUCTION_START_MS%3D8000-8999&adks=853106530%2C1058356628%2C1708490306%2C1819770311%2C1905034420%2C512774694&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c251dc3074b41f2e40cd1ed0dfc204005c9d179280cea3a25dd109e4d6c583c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,284351,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44488
x-xss-protection
0
google-lineitem-id
6136649722,-1,6136649014,6135256770,6136646323,6136652059
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138371223081,-1,138371234301,138370767460,138370191698,138372142409
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
noconsent
cdn.fuseplatform.net/telemetry/ 		1 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=21820773827&cmpj=none&v=1&ttm=1704916498363&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=831d4d19-c30b-520b-ade1-b6d6ef560f56&fid=1218&pubid=14&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=863031b68ff006702f54&srate=100&adserver=gpt&etm=9148&e=slot-request&tenant=publift
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Wed, 10 Jan 2024 20:24:58 GMT
noconsent
cdn.fuseplatform.net/telemetry/ 		1 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=21820773071&cmpj=none&v=1&ttm=1704916498365&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=831d4d19-c30b-520b-ade1-b6d6ef560f56&fid=1218&pubid=14&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=863031b68ff006702f54&srate=100&adserver=gpt&etm=9150&e=slot-request&tenant=publift
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Wed, 10 Jan 2024 20:24:58 GMT
noconsent
cdn.fuseplatform.net/telemetry/ 		1 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=21820906291&cmpj=none&v=1&ttm=1704916498368&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=831d4d19-c30b-520b-ade1-b6d6ef560f56&fid=1218&pubid=14&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=863031b68ff006702f54&srate=100&adserver=gpt&etm=9156&e=slot-request&tenant=publift
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Wed, 10 Jan 2024 20:24:58 GMT
noconsent
cdn.fuseplatform.net/telemetry/ 		1 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=21842489290&cmpj=none&v=1&ttm=1704916498374&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=831d4d19-c30b-520b-ade1-b6d6ef560f56&fid=1218&pubid=14&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=863031b68ff006702f54&srate=100&adserver=gpt&etm=9159&e=slot-request&tenant=publift
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Wed, 10 Jan 2024 20:24:58 GMT
noconsent
cdn.fuseplatform.net/telemetry/ 		1 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=22851126297&cmpj=none&v=1&ttm=1704916498376&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=831d4d19-c30b-520b-ade1-b6d6ef560f56&fid=1218&pubid=14&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=863031b68ff006702f54&srate=100&adserver=gpt&etm=9161&e=slot-request&tenant=publift
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Wed, 10 Jan 2024 20:24:58 GMT
noconsent
cdn.fuseplatform.net/telemetry/ 		1 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=21847076120&cmpj=none&v=1&ttm=1704916498378&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=831d4d19-c30b-520b-ade1-b6d6ef560f56&fid=1218&pubid=14&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=863031b68ff006702f54&srate=100&adserver=gpt&etm=9163&e=slot-request&tenant=publift
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1218/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Wed, 10 Jan 2024 20:24:58 GMT
139.5.242.75
glookup.info/api/json/ 		196 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0OOP%2BAKLh34TDLhFSk13BuJj9B6T9eb%2BCRUBmSV%2BuF0sRW9Cst71kh3krNvBrWBmgoSL6F2TzfK%2BULQGtrW5PInAg1QeEoTW%2Blrsve3CpfpmLAqIGDJGJQ%2FbMBfUKs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779931c98babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtnkRCvNZG%2FjVTaeivOaCn5A9P4pDl%2FujpHVA%2F91QbZxnVZsiwEuAKNEEIs0DQsen8Mm1MI39HNX%2FFYY11E2h1cEMXngy4CgGttyLEqRnxSqTE9RWQcCtzvDt8uMB8M%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933cd0babb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRhjkY4ZMmk5INhvaPk86pVziTXOFr%2FXAd15ioQzytrgzsM4IMDWf%2Fk8vU0Ff5RN3agUTgniG96%2FVSjnsGTCWdA0V08cu4EPjgTzKhJ%2BV08M9ouv2LkZ2k81iDJz900%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933cd3babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDa2JSm1m4%2FsRO5HCuv91PJHnrBz8Nf6KFvK9ToJzofe5vn%2BqmXvMaCkNzihHDdmG0mtdMkKEkQJdI%2FUHuA1eKgeMKW3x0QECzyb2iDf2zY%2BhJe7qOM3XChhmuubVTs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933cd5babb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKpiu9nlbFlGnK6RsGuvwEQDHIVb2vITdcUwFqxWxvFVxMY7KZzp4NFphoYoeoVjk6Tngd4Ydorfitbs6tP4BV%2BzSnvMCWNoLViUKueKAf2sxTZVSq9ZEA9zqi9N1KU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933cd6babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
577 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J62EjUKTX%2BtjExAA%2BwFljdDDgpD6%2BqkfOGxXTYMsJW4uH1D7NUkyj8wKqnr%2FG3EnIV7fgZ2KIWYszMqSVqomoLi8z3yoAE0wjlzLqVOeE9iye8tONE9ItVaieM1F03M%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933cd8babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
418 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gr3q0ooj0lnIh%2FZnbdbuE3BmoOstnUwAmGfeLyV2XB9PJAxLhjIWggiXYKg9BZV7sqRUpwva%2BkzW0cLAPLK335UrTqooX5UUkojHe2%2BNiwstfOQVCBpMZzZkNENLeII%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933cdababb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
408 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1su5aXtwpDra4TCD4zUUWLOA99vJPAHCsHxaylYCybUfaFH9oWGkFKPWQW9%2FCBr%2BydzRqmRDUUySrW4cUsWlj1AzdUNTHOmyd%2Fu%2FjBBZEUIXYV3Y7bNJ61Lra%2FPeEBk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933cddbabb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAqAeeXmHSphzNyDLz2D538%2Fjkn8%2FXNgQPE6wITYK5IJ8CTgmGqlpaZZVmqOq8xdiBYAlH9PmRIgU3thyK2lYIckbXZ2MQLDbuh08cY55IYLS%2FovvzN7D1o9b%2BUiTdo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933cdfbabb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
434 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRA%2FaeuYpAb4o0D3XYXn%2B6JqzU7YJipWkaRpk6L1Jmd3Sr2bxajQ1Wh7nkp%2B2vsT9if9vz38duGD9BcUX9bT0O0vLQqrssaXqxKBjR7%2F%2FV0DZs2qDTlWBz%2B8crZcwSI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933ce0babb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
434 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFkoyvuehs6%2FstuXergI8NctZYTOPmE2NpM7EePvUsbOlFBOyaehO4FKSWjpRlgqMZKWrCy5UYXnPMeQ3FEs3MYCMbpB4LcnvvR6BNH0z345eiW62vVmvuNBs9ay%2BXQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779933ce1babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhGjpNmfgADYGn8eZa2XyWu6qtGcZg0SoeQhAyjniZH9mDwpD6Z1Aa3ykbVDYxhX8hpdP39oeTO%2BAXPwsJTuAg9D%2By%2BZzTnT%2BzKDr7%2FLJmVrp4zG0xFAsIIZGeGsy8g%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d17babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPr5mn9czYu%2BIB1fvw6jKgk%2BXEaH%2BhsD6ADezl9TCuwTdOlfm77V%2FuNKZX7PBBUvWLOyxVHhSC0RD20ijB45s%2FYHWp9I4xCjs9%2BTeFX7YSINiMVz%2B6E%2F1ASQpG8fCGs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d19babb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IV7o64Znbfe%2FUeuFvrZXd1rMPh82nNjy0xOABfzChGns005%2BxmsEXaqrmFhZXZvlmEVKQVlf3cHingRNjLvHul%2FDq7ryJICH4VHaA44kxUi7hyml2swh0je2zzygdcg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d1bbabb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWdyL9vrF2vUsZ9fVIvDbJwRtPHS8rGpqTCL3pd5KTpQEEBJN30xQ7SzM0r9u5gYQtvCFYjLbR2IRBjBZdgxcH95TwreYarHxdgxiBCFoqMdE8VV4dBJMf5KCMi2Uhk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d1dbabb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOT%2Brc6JC6xYrl2b6Io%2BqN1OKR%2B3oCBvCPw1DlkBPJR00e%2BqYdhQ%2FD8Xhjsg14cgswtK%2Fi0GZyZ%2BOBm3%2BSZzT8ksgjwvKgm7z90F%2FWHfBGwBe4NyC29OWRrSj8PcA%2F8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d1fbabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9qW5vk5KnTJnS9OFfjbB9dLr%2FXarxj52XiQgxfDtaPETB%2FHIuizdpjUmOhSlERqcVVmAm%2FA8kfcSkZtapzMkuTPFFl1L%2FGuUj5yCEchTnRrnXThTX0EbolazXmn%2FhY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d21babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
418 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IitA%2FebYezavgSsZeqWlPo62C%2BxnrzuvzAuWjpB4niipAGUTL9xVPxqpxKzQSfscn%2BK1EM8fy7b0dENZLMinyVzhGeXaQImEFDlM4l7bw2DvHOVeqOoEI7jCD4mHsk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d22babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJJzdzb2dwYyKn%2FzFbR0OOXw9ZNEBu%2BT88WEahPELOnJe%2FHtQFup27XBsfUullrweolYx6DqTsesHlQXN0oT7AbptprwXmT33P6P%2Fr5ifT6bYjqW2gX3RXrlNtlVuEQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d24babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oo48vJNL4mmfjYZ1wSweNxPnE2Qtq2lXXgdzQuybYrQ0n7Ec3RgXVyG77pWyYIEEjMdXNRVHkTvH6kL7Clm96ycXXjJkkLHEONRMzPFae3Ij2ecz2%2BMjAh6xvTspwB4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d27babb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rn1qSUtWrtTqB%2ByFvybzPuJMXqexBHE344dcrknI6Ta94z%2FW7SN2JG9%2FK9MIp%2BFylKOU2LW5rSlRy%2Bm7Nq49LZ8Pas54kgyiEEsW%2BmwEIonok9%2BpRaDCB7%2FwB0fkaAI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d28babb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxRk1xq8SF11QoOMg5UpZZ3VKjLYGg0HbAVTcrligp8dWsA43ftwukDeeSsqs3WCwxg4Em3LiPxo%2BaFr4lfrEUc3P2bxjWkNe2%2B8wNMR6hKZ4B4vjolrF0TewYfE1vI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779936d29babb-MXP
alt-svc
h3=":443"; ma=86400
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9991 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
106459
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 3885 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYnqCDggIwAQ&v=APEucNU-5JV44__99TujYmrn13UF7xHyLjslsBxyLpx4o9P5PFy5KeOxHfYvoP0tqLDkW3blueirs4-mCXktXA08e8BuK9sR9JGv5chmXFjpLPqzrHziJp0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3885
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1&gdpr=0
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYnqCDggIwAQ&v=APEucNU-5JV44__99TujYmrn13UF7xHyLjslsBxyLpx4o9P5PFy5KeOxHfYvoP0tqLDkW3blueirs4-mCXktXA08e8BuK9sR9JGv5chmXFjpLPqzrHziJp0
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUT4W83LDv207XN2LM6eNgbiTAJphGLgdDu4ENMuMEKnmCqCnJgYg74xuLdpGMDGlHNCGUcaVK7Us01qgleRZ4w84g1RctQx2VG72iTc7JshSlJyYu2qf2PKMYJ%2Bw2dfDV8cHelkymiYvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843779950f6824c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3885
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ72EsTdxh8P9zeyMg-eQQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYYnqCDggIwAQ&v=APEucNU-5JV44__99TujYmrn13UF7xHyLjslsBxyLpx4o9P5PFy5KeOxHfYvoP0tqLDkW3blueirs4-mCXktXA08e8BuK9sR9JGv5chmXFjpLPqzrHziJp0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhmHRXAb%2B40klg%2BxfKPYJQFoyu66pcCOuIfCaxeaDuszTx48epzXqK%2FCweAmXDBRTLmzEiQcgm5tLpep3tX2y%2Fl4z2G22W5Lj%2FNB4A1H1F7cHGO04TXS%2Fwu5ehZqfDHoTmgzJuXshuOIgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84377995cd2c01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/3426037002007478272/ Frame 9C37 		16 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
7fc96c14f8de30465d739851fe764f0bd5948c526f0d0ad7f73ddf9296f0a507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:59 GMT
expires
Thu, 09 Jan 2025 19:54:59 GMT
last-modified
Fri, 03 Nov 2023 09:17:42 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 7DE4 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
613e41d55d626878e4214a5ccc86076eb694d71bbef90472950a773960ae9de1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4219
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 10 Jan 2024 19:54:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DBZ8V3HDFF1PRP9N5JB4
139.5.242.75
glookup.info/api/json/ 		196 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8b6lPNd%2BHr%2F4BJfk8xOXupykmW9PD%2FFHesEZUV%2FKFBaCXzOZJXkR04YFxykYABMhhu5S%2FEm8husLfVmlwlLRYtIpSdGHaqOwa1Qx8dnOMmu1p2ANMRW%2BdmbGObnvmU8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
843779948f63babb-MXP
alt-svc
h3=":443"; ma=86400
139.5.242.75
glookup.info/api/json/ 		196 B
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/139.5.242.75
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpvfKjUzbwVh%2FdErMpKLk9C3p0tJBpuq7BcycEATThrFWAmx6piMItbuvYH9XkhGTNl3UUWI%2BCRd1AHD%2FgFXKMZQImUbmZ2VoAXBaWiYc0SYCjNIX58Tg18Ht2vxfsQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfaababb-MXP
alt-svc
h3=":443"; ma=86400
105.235.71.133
glookup.info/api/json/ 		183 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/105.235.71.133
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fo8iY5Q54mT2aWAJX7gcTJYPust2KzfVElAWnsTGytAF44pS663nR%2F3kCgNn3fEkARbL8m7CKrUslWLueZS1KmojApEN1mBfG7CUqRntsIiF20CuwhlOpmZMloLLATM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfabbabb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gw1WC9du2hmyoXzhiJUxpUnEaskkvHZZdtwPgA%2F%2BXdNgL%2BY3H7dt93v5a7DUaWC0IH27Xz%2BiCsMWOtVcmfU2PfTkynL9NnsX51o18aOHIPmnm0ZOPnkiXnM9fogmBjg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfadbabb-MXP
alt-svc
h3=":443"; ma=86400
45.132.227.195
glookup.info/api/json/ 		193 B
418 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.132.227.195
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z9DohPQA9Bo4%2F5hQHGsfxVbvtCEzhpJLQXu1U8Djirwj8p0MTZWuanK44vltnwtwbwfSUGebuv6HHzEf3Ax43cYX6jka2m6rTMg4Z%2FOOXCM5z830KlPTyDSIeHXXpI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfafbabb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VWea%2Bu7ZZIaIEEnBFyARE4%2FE8ROMF6%2FMIshuwr2L%2FZMKnuRWrqezEufjObrftLMcBFyRDzHOdTvxU8A0SC1szUnym4QbrWX5MkwrRKJf05qGrz8eLrfPJy9u4lCxpw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfb1babb-MXP
alt-svc
h3=":443"; ma=86400
45.130.83.82
glookup.info/api/json/ 		189 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/45.130.83.82
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNyZSYSkcp%2FIMLiBJidix6W3V4m54V8M0utqqe6ACWUDrdei6Fasd7LZI1DO7m8QiCaohTgK137ohauyFPzNth7xvRkPgRYYepLy0BO8pSvC5xWKN%2FAsTDAGrlVFRrg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfb3babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
561 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYXl%2F%2BouT2GCoD2AcxQNZdSa3IBKVWJs0U9ORzVYdpsAvTKCwINPUG8ACEj5PwkiY4CjiLl9SfNPs6bxGVNAfq0cddjk2Q%2FxHWqdlCOteHqelMtYOuQGV6fX2cyW43k%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfb4babb-MXP
alt-svc
h3=":443"; ma=86400
91.105.30.46
glookup.info/api/json/ 		170 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/91.105.30.46
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5mVnLuvpJheFcjmNBRtletBCsM%2Fgt8wyHbHDxtSxPSx5jHH5FtzmcDS3KM2gUV6qjmLQoH%2BGzg8UdC3EOkcOTVHn2tufjV27s4cUkO2NLA4ib1OM%2BuFuzC65WU1Vu0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfb5babb-MXP
alt-svc
h3=":443"; ma=86400
71.58.215.150
glookup.info/api/json/ 		196 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/71.58.215.150
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jkm1IXN1Kj8QY%2BgFmZJ3cnBPEikkKf0AXKC%2B002tkHBkE36mroaRsQluhe878D2xngX6c0e9RoQlonK8cogISnnIYiJm6ZjQrjZsA4Xj3Taxtteine8yq3ggnw4kKR8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfb8babb-MXP
alt-svc
h3=":443"; ma=86400
173.252.127.120
glookup.info/api/json/ 		192 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glookup.info/api/json/173.252.127.120
Requested by
Host: grabify.link
URL: https://grabify.link/js/tpage.js?id=7c022146ef3443b4236ce01b310ef40f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 19:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKgGUz4Vav8MxFSD%2F92P9y5ugNR1M3paoJRqvu5WSzCihL6ND0oHLc6u4A5OHvKA%2FV3rnQYQ94JWTzQukfQRLxMK9ikTBLb%2BOxevKLOq77fA5V2Jzfr3YParlOIlP1c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2073600
cf-ray
84377994bfb9babb-MXP
alt-svc
h3=":443"; ma=86400
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 9991 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7DE4
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=d07a02e7-9f11-4152-8204-dc68e15622a5
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=d07a02e7-9f11-4152-8204-dc68e15622a5
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JVXZHS8K92S065NKYP08
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=d07a02e7-9f11-4152-8204-dc68e15622a5
date
Wed, 10 Jan 2024 19:54:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7DE4
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=0e954c6d-461c-472e-8a13-cc56d92f0cb8&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=0e954c6d-461c-472e-8a13-cc56d92f0cb8&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MS83ZJZAC4BJY4F8FB2H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=0e954c6d-461c-472e-8a13-cc56d92f0cb8&gdpr=0
date
Wed, 10 Jan 2024 19:54:58 GMT
server
_
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7DE4
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3479180990041155000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3479180990041155000V10
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4SRY73F1J5K18B55JHS2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3479180990041155000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 10 Jan 2024 19:54:59 GMT
ecm3
s.amazon-adsystem.com/ Frame 7DE4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAGJmE7LPewAABRdza0NvA&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAGJmE7LPewAABRdza0NvA&ex=beeswax.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T8795JKW9VQJY6A8J98D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAGJmE7LPewAABRdza0NvA&ex=beeswax.com
Date
Wed, 10 Jan 2024 19:54:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame 7DE4 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7DE4
Redirect Chain
  • https://trace-eu.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=acc8ce73d32b85952sopae00lr879hu9
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=acc8ce73d32b85952sopae00lr879hu9
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7QMWX67YFBWVM9SEMRKS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 19:54:58 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=acc8ce73d32b85952sopae00lr879hu9
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7DE4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XFEBEWMFN412DX0F186R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=&gdpr=0
Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
99
Content-Type
text/html; charset=utf-8
usermatch
ssum-sec.casalemedia.com/ Frame EDDF 		2 KB
876 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6555d1243e4d5475720ccffbecc70070f3f15f0c73a08490e46f7dca4d118256

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84377994ff4b24c0-ZRH
content-encoding
br
content-type
text/html
date
Wed, 10 Jan 2024 19:54:58 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NscY05rIki0lvyeIMeMNK38qOYUmnVOawWoFSTvlPfEge7hOy29T0EXGz1qNfv1u6sS9DxF0LyB8o%2FEs%2Fna9biWZlLAREMChE9nJq7GdupzU2zuZ5WDAcERT6IEwhsu8YIzDAKheEpNU5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame F171
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
816 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5ea8eeb895c23a186758a52f6a4fbf4ab7224f3c2aa58091dc134ab3accb42e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
467
content-type
text/html
date
Wed, 10 Jan 2024 19:54:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 10 Jan 2024 19:54:58 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F900
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3921665730064509669&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3921665730064509669&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 19:54:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
HTWK2N7M4T1EXRJ4ARBG

Redirect headers

content-length
0
date
Wed, 10 Jan 2024 19:54:57 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3921665730064509669&gdpr=0&gdpr_consent=
0.gif
id5-sync.com/i/495/ Frame AB35
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 10 Jan 2024 19:54:58 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
364
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 19:54:58 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame A4EE
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=23b27d5e64461914&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAI6N5SHqch3QMLUKCYAAAAAAA&expiration=1705002899&is_secure=true&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAI6N5SHqch3QMLUKCYAAAAAAA&expiration=1705002899&is_secure=true&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 19:54:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RQ7EEK2DJRJZVDV7147B

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Wed, 10 Jan 2024 19:54:59 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAI6N5SHqch3QMLUKCYAAAAAAA&expiration=1705002899&is_secure=true&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame AD01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.140.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-140-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 48D8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119534
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 10 Jan 2024 19:54:58 GMT
expires
Fri, 12 Jan 2024 05:07:12 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame E8A1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.148.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-148-138.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5fee4064714573f6383c4d0a771f200e5ed14d83ec8e640f9855c8496bea482f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 10 Jan 2024 19:54:58 GMT
pragma
no-cache
vary
accept-encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9444
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=4261276730387416164&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=4261276730387416164&ex=appnexus.com&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 19:54:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WYG462A34QWBWC8RW6ST

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
f82bce1c-235d-4302-b720-b394e6e9011b
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 19:54:58 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=4261276730387416164&ex=appnexus.com&gdpr=0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
83.173.209.251; 83.173.209.251; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3036
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4049355094611287000656
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4049355094611287000656
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 19:54:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EKK7KHSV8ZJGP32E26F5

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 10 Jan 2024 19:54:58 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4049355094611287000656
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9991 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvuE6EfaeZauLFeXb1PIPiq6ZuAEAAAAAOAHgBAI&bg=!oqGloe7NAAaumcC-jpk7ADQBe5WfOPJBxWM8JYKy-uoeFJ7XVduzefLOaqsq9pfDcfmuW9MqffayIpilcJ9_oYcUItlXAgAAAE1SAAAAA2gBB5kDWNbTOTtnsmGkwJUba4IBffjVlV9Nnp_sScvbCJT3XEca8QvdbyLRwJka6_Za-e7IGOMAwe9pOrDugpwXoXgD1Il3cbqccs-iw1acbhRdmFnDkMSrqqv_m6yAPdrsRltpg1iB7Qz6NAFz8fmX2Le3quwo-fwOQa1_M9l58awdPl_iV9zW6z8Y6eZw7TEt1FhuLECbSDVhatvBI4dhGl_24AX_lWh6E9O3WfoZ0zh6B7AhkmWGQTTLV7WVDtzmk8jFXbZFFk_DnmVpGv_wCPvp83mA0-rVIh3qU5SEiZnTEB7x_djzofgkVKdq9fRi84-muqoc5o4ouY_dLlwZnFNAwhI6GNDFOSriOejxyqto0I1DXpCAgEu6Khn4kkk8KR1yoMglrGOZl-G-XjJ35fj2hk7lZcWND_hdg5kbfdKGgEgUb3KZAGeAiCvrizfrblZnk1rxNNCv6Hg49gL8Egsv8OUDUXN8L_O1BRzRT8HSeyNqPAVynklxpxjA-JrmeZwK1sJSP_4zO21h62skzIEBL7s1nJre3_-8z4h19V94BfN1MOiV99wC35l8CRiHCGPMnTf_LBHyazIarD_9yVr2jYVJbhBcnpOZW1UHDo2FCHJIM4mjfim9-E8Q-Pty-JBa2QtYTZyy8H4-AV-efUSbRGrneDnMqWMBbJzTbJcEHXglTy6-6X-Fr4OhgHrMFWhBrJpcP9Iq0dGGZv29D3ki7PJ1MnRzgQp290kk9Al6sO6H0Ml0Ags7sYBpNBWlhqc61I-Tnciqxc7X1EG10lFalscAcYKC66-yhsbj8gmjisK3jVSJh7e1rv0jHzsAH8rhNbU7O3I0VLNkgWaxOBvpwsHhOC0gBCIMlXHg1OG4YymYStgkjkszuFhI9epqZ0y2TMktLbC5BQNlYyucbrXFvhC5W54LvKy_i9H_yCtSKFP3b8Wi09HFC_RMWUul8uowPolFkKqE6-7pu0k6qRqbGxLUTf9OvOtUJ9X22Cc2xa6hVOdfSWHNMriaJRzfc5R53ICNJEgChEAIY21wCQdFXOgNWuCZWPVE8AzpzNenFSmRGm3EKR0jeWKiqfkMQunVw1joUf0p9L3Lo5Wn2oZF-a19Hb0RPvRoy4gnIiDj57bhD79qC9z7PHk
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EDDF 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
server
Kestrel
content-length
70
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame EDDF
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZ72EsTdxh8P9zeyMg-eQQAA%263265&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZ72EsTdxh8P9zeyMg-eQQAA%263265&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c914b96a9739471c9dcad52fb923f4d5
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
235813
expires
Wed, 10 Jan 2024 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame EDDF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZ72EsTdxh8P9zeyMg-eQQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nii6j9fIRlb%2FHi4bSevjSZcR0ghLlIVSSXhrPrEPogXvuS%2FattHwYL4jOwXW%2BrE9VPte%2Fac2ubPaA4TVQ3VXRLs9UdBYpnA5QkUIOB1r%2FZ%2FWl1dx7a6xH8ebphRf9KkFOYCPTMCLD%2FEB6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843779965e4d01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMpc3CsJoDUsFPq4Q6nouN4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame EDDF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZ72EsTdxh8P9zeyMg_eQQAADMEAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XFN89E0QQSVX9D6QJCJF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EDDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZ72EsTdxh8P9zeyMg_eQQAADMEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO5e9Hg8ylhtXp_HH6bY094&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO5e9Hg8ylhtXp_HH6bY094&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNHVJRZC3oBWN4B4ZsVyKrGwYKEOZYa5tGo2SNOLMb1ymNQsBwunQydQhUO%2FWvXmOgIhY32Hbtg%2FOEahOx1QCRBCiLPKa374TUMrb65dJZsoDqWxTGg21DonPBAdazkLM9WtMx7pwD1hmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84377995ed6d01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO5e9Hg8ylhtXp_HH6bY094&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame EDDF 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame EDDF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3921665730064509669&gdpr=0&gdpr_consent=
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3921665730064509669&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYtYqYr9s9VO%2FGTd4ZTZIoW9sILt%2BnjAGyl2bP%2BamcR42UgjrpFZjNkER44eRqnMK8LB3ZUwyTh8%2FZFkMbwp8SjjEHeUgak7blLAh5Bv%2BaeJmmauNwgMglp7ckKDOSI8hZe4oTHYcIBabg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843779961df401df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3921665730064509669&gdpr=0&gdpr_consent=
date
Wed, 10 Jan 2024 19:54:57 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame EDDF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9137344626810906505&expiration=1706126099
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9137344626810906505&expiration=1706126099
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFofbUX49O1N0xLIr5p58bBNTuPJLfj3LymLCz19T5moFtqDKg7AC%2F%2FtaLXr1DFU4rp9SZCSmADCU23N5p0mmA2lnV6QpWU0lFE5V4rPwntkjuMqGWAh6clG5exCA2yxjPhgZ9N6oPi1OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84377998095001df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9137344626810906505&expiration=1706126099
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EDDF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=ZZ72EsTdxh8P9zeyMg_eQQAADMEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KH8GN4EJMVFRCNSC22X8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-55298cd1c6542c2a0271318a3f3b6b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jan 2024 19:54:59 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F171 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=fddb2635-f6a7-81e2-9bf5-7112af26aad6&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E16Y46PVMS3JG0ZAJEY0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F171
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=115945671295295080
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=115945671295295080
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=115945671295295080
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame F171 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fddb2635-f6a7-81e2-9bf5-7112af26aad6
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TDQNWERGXZ8QC2RCS8M7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame F171 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a50d5a48-ea0d-3a18-5bfb-f385c7156136&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:58 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame F171 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk2Mjg5ODItMjM3YS02NGJjLTRlMWItYTkzYzBkZjdhZjU2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F171
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4iyt9GmkTGwd4pZtUWkHY&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4iyt9GmkTGwd4pZtUWkHY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4iyt9GmkTGwd4pZtUWkHY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 48D8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88114432&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9c569c261c41b31c2276272b5674348c5e57225792b895da525861557d34b6ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 10 Jan 2024 19:54:58 GMT
content-length
1839
content-type
text/html; charset=UTF-8
ecm3
aax-eu.amazon-adsystem.com/s/ Frame E8A1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=ym.com&id=VEe9R__OOM_ie1BGpKdl&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AW7EXPPYMZA6Q6VKH1NF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame E8A1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1704916499140
  • https://ad.turn.com/r/cs?pid=45&rndcb=361156704
  • https://sync.1rx.io/usersync/turn/2438663765918997326?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b027dcad-66b8-4dc9-a441-6a22d91889db-003?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-b027dcad-66b8-4dc9-a441-6a22d91889...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-b027dcad-66b8-4dc9-a441-6a22d91889db-003
43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-b027dcad-66b8-4dc9-a441-6a22d91889db-003
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.154.107.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-107-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-b027dcad-66b8-4dc9-a441-6a22d91889db-003
date
Wed, 10 Jan 2024 19:55:00 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb027dcad66b84dc9a4416a22d91889db003
content-type
text/html
sync
ads.yieldmo.com/v000/ Frame E8A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEK65Vl0BNgWrVmzJZM8UmFE&google_cver=1
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEK65Vl0BNgWrVmzJZM8UmFE&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.154.107.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-107-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEK65Vl0BNgWrVmzJZM8UmFE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame E8A1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=VEe9R__OOM_ie1BGpKdl
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=VEe9R__OOM_ie1BGpKdl
95 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=VEe9R__OOM_ie1BGpKdl
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 10 Jan 2024 19:54:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=VEe9R__OOM_ie1BGpKdl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame E8A1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=VkVlOVJfX09PTV9pZTFCR3BLZGw=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame E8A1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=4261276730387416164&pn_id=an
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=4261276730387416164&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.154.107.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-107-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:58 GMT
an-x-request-uuid
0f9bc05f-7d4b-43b0-9de7-96fe0e30e1f0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=4261276730387416164&pn_id=an
x-proxy-origin
83.173.209.251; 83.173.209.251; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5D53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutBWR0SSmYWl89d9M61TW4cpCjJl6FOzaSBS8EzCfHsUyX-gHAyo0ZIt0t9IhxdoFPYKkHzzPqy3OWHDu5VtXF1dLMIu2GD1-5aF4DPFqgTutaD_3krUAZ13a4JHnfS6mNWoACRNFeVLSLx4qw5qgXDyC8wG7CtkiHl4jzzsDQhvNPW4QuaxQvMbXMu0ho9R8TxDsYid7sEm3J_cgd7vFQLkHB6RxeDF0GzfF8u43fM5E0kj8Aje4n8D7PMc2yQ21YwvZlZ0eheLTNB8wfpJSqzhwX8XtqeGZX9PNkse9XId14rAdBPWGorxtNhZk-GLGDVtwqSTci8Ww7K2tbsIaGbjG_cCwXElXn8PMTQtOYa34GOYwEYAsztqlLOw&sai=AMfl-YRW4ZrBsWvRv91Sg6dpX0LTN8byZ87sBjBRNR2vM1zwq8NXnOikHioq0zqHhX2A0PKa80WX0IsGx8QRgX32nI8OQDYILHKZrIHcC0-uqXPxHGTJxiOKeMqnnZiiLg&sig=Cg0ArKJSzC7-lj4mhgQNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5D53 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:59 GMT
container.html
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5C2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:57 GMT
expires
Thu, 09 Jan 2025 19:54:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 452A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut865npvusRntFLC7bED4gmaRcHSh-rtTlF-J4U4xes9iKJUft2l6Dc9RBGo3IezmEygMs6zGc6ranKd4qT6ZGf-EW9stM7M8651YIqpIuqwd_-neOociq3pvalzCg7fEmqi8o4Bo8Fxz39T6eXsahvo8mKMUlp5Dr6mYJ9QSb1C1Pqw7yDT7cUONe83e1nBVUennJe1lPch2BqRovc3-EBpDtBvjmYGLPBnCx9eoZ9eCRlfukb3SufFKbfEc_twW9muK9Rfhf-LjSoDfHZlC5DQEv6jWzpI9frOJac2JuiUBWoQ11kDuTe_O69E4Rs-vYVJWeFG9DUme_CKq71Mb2EeIXDBmlqGaSvS-jA1XcG28kjuOj0eRcbWJgvg&sai=AMfl-YRkgLPNF8s52NLcf-CuMGvolorBSdhPqomaDbszmCe6cNhvWAqkSKvfd20vI6BtVevWUnUzRqJe6V96A_RgUFMHVh8yNd7m6Prdinkev5l3GA_nSTAoq_Ae7pHRUw&sig=Cg0ArKJSzDmf6zPBhVUnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 452A 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C6B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiKuPevIlxTIDHnLLHeo9VbWkzqHhIFHQEM3n_nePjKiVsX8V6zORRcFiBuAUwqlI1gi0dVGaU2_EwVqJk-_q6JCQ7NYs-Z1A7_dUAaYQSeJStdwPQEGDPLqmdi4lhPWVas60-0jxRXMvyjSbfTHUX7lV91_r2axTUOfp_otiqPei7_Lwpa_xVw40YuBZ3HHa3sK3Twuf366tzDxqWHIwd8jlNzaF_oPBPckw7js8jl-PB-nnXYdkhUHl2ZFGSktctkCYjzeMH4K87KHLnpDLM1RJqGbHrn0wuaSl-Y_mNJl0it3qTmYHv8y6KoOBvYKf-wmedVJ-XhwWun8FhJ7yyUng4jhui_nRHBFU9IWI29e0GzCxBUkHpET339FTtj690&sai=AMfl-YQBoUoFQEjo2q_3j5t_LKO3L8LaVH9nxjOfJZJdnyqb8iIsfCGvc1HRJHUdwrywX5F4Qs-1zQ2Kuk61uSE1NPcGKD3MZZkLTUdFS8EjsXLIOb8uePOW9IEIgU-9OA&sig=Cg0ArKJSzP4WK6zEcs-DEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C6B4 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 197B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUaRZP36CNZk5QAn_2ablnMgA3X2dppeOcHcJ1tGa5cbgsZyIuEV_aP4BTkFSFSvbzgbvTrf6SNqV9CbOyc97-S7EMLqcPkOHNGku4FDFqVklrubsQgFaRWsK3NGm_XaL1jf84DYzAZb_knHq9GcPh76DKreul8QXdc05hVCYWmA02nKZmcm3YpWXy8hxjOnVT2V497Nfhj3q_aAzW65Ejs0dCW5ccFlsC-dQAA3nWWV3Yvpt7zJm55a1L0EAe5djBN-DUZqlJDI0fy1WXdnAl1OCop6fHIA_ULiuFu9hMrcrIeKWT3vohl50JRAI9VZTUEA311ltFgK0VrcAmg2sezGcSQ5OprSPrNKNUf_axrVFC3LXpZ39JC8Mo0pzh-AM3lHva8Ifeye9XJYZg&sai=AMfl-YTXAWQf-d8diGyJ0PVUOYSulArrOVBnoSZN5vBv9W5LK_6b7YtWF0xlo7mgIojA0aZYG1GS3oloWiDaD1chfb6YcoXBoNN2cctbpzAa_haoO9xkuBC04HaE1V8Qgg&sig=Cg0ArKJSzBu1NckqaMpnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 197B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7E3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjQWBLfxijwdfAW39J6sDAZdneY7Bxu4Z3-GaiP1PsPS6PMbt7L7tIApKTc1bW2VNLmoLZsPllLtTjLXJWc0iPSoq9R7bBt3Mbx-SK8os9d_Am73F2HXOvOZ50VoU3ILjq01Uuo2ldY68Dno_0EIi2YJRLJbAWvooZHno3TjTOKrtuzYlQqKIutS49VDBoQXJb48-aZT8NkI4pNzUNN7w4ndbToHMsAbhBJ1W1_U4q_8ZKPXyYUFnUfY-LR_FZI1gnOXkznxJyhCUvCLuiWwU8V5urkELzift5t-sMeXA0DqcujtNTDKMLCPZ4QoJXqNQv3YWus7dIy9q3PtPJy_bYgMonRizL30Za12Pg3GVS9La2GJ2B9Cj1byVbDjtlpe1h&sai=AMfl-YQz6ok6gLnNJ9hs2lbasPz46vM_lOD6m5dcTjiNj96phVEaeHgWuQbYCIeZfsCn4TYxki_oJxFFOnwSZi5kClePa7fQvjxfvca8JNiawqvJugGFTdBvzmT6qrtjVA&sig=Cg0ArKJSzDoeFhwjd1mjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7E3F 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Cmrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=8&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D6b1d51725ff6a40d%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g&gpic=UID%3D00000d3f405cc44b%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w&abxe=1&dt=1704916499199&lmt=1704916499&adxs=326&adys=378&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x290&msz=0x0&fws=4&ohw=1600&psts=AOrYGskxI3y2RZlw8m1tdD7UqY1K6JpEUa2Kd9YmT8kRPm-Zg-3VAruI_WNwZfTCNUSI4JQpQn5aKhCw_AZ1NeSKk6WdPs2oDrDBc54%2CAOrYGslbNvKj9dOU1pTYfL-V6hQrdq45bDKptthRgzg25Tu2MJSfXKzVeLqYWkkK_i63d4Ukzg1YY53V6N84cmBrKCO3jJZXIzhqS7c%2CAOrYGsmIcwqKek103qUTerVrIam5PvCLhtHsM8pK7fezoEkhmyigXB9roFTgELBWQeK8DkdFMW6VM-ebxW_qQXLilB2d4YwiXFg1RAE%2CAOrYGskuG2jC4Tn2TCQVeYdnaBdVmX6s4dXoC9W6Y6Z1KKJJMQcZYVwLATCCrn488-MaA1tCdH1H86mXDlZbR5ugiN-5oiyPCYaPQKM&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDJmZjlkNWVjOGM1NDUwMWY5ZWI1ZGU2NjIzNzQxODVjYTAyY2Y1NDBlNGFmNDg4ODNjMDdiODM4MDM5NmFjNDcYpevEp88xSAA.&dlt=1704916492435&idt=3513&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D113a00d3e7196414%26hb_bidder%3Dappnexus%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D11%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx928%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D928%26in2w_key8%3D11%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%26in2w_keypm%3Dfuse-slot-21820773827-1%26in2w_key9001%3D1&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D7000-7999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D8000-8999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26zone_count_above_vp%3D4%26GPT_AUCTION_START_MS%3D9000-9999%26CMP_LOAD_FINISH_MS%3D8000-8999%26FIRST_ZONE_MS%3D8000-8999%26HB_AUCTION_START_MS%3D8000-8999&adks=853106530&frm=20
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
218d4a52f3b07e829f1eb3a233a2399c73cc8c07061c0fdd5b4a86268a0c1fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14720
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		97 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Cmrec_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=9&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D6b1d51725ff6a40d%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g&gpic=UID%3D00000d3f405cc44b%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w&abxe=1&dt=1704916499215&lmt=1704916499&adxs=1274&adys=378&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x290&msz=0x0&fws=4&ohw=1600&psts=AOrYGskxI3y2RZlw8m1tdD7UqY1K6JpEUa2Kd9YmT8kRPm-Zg-3VAruI_WNwZfTCNUSI4JQpQn5aKhCw_AZ1NeSKk6WdPs2oDrDBc54%2CAOrYGsl8Cwy0ZQhiPhyXTxrVphHcF-Q6BOU3DZFvzIKOYIVtT2sJUym8izDUsEvcwv_t2-R49GR9C8eeHKmjiyiCWcxds6iMpCH_Tag%2CAOrYGsmIcwqKek103qUTerVrIam5PvCLhtHsM8pK7fezoEkhmyigXB9roFTgELBWQeK8DkdFMW6VM-ebxW_qQXLilB2d4YwiXFg1RAE%2CAOrYGskuG2jC4Tn2TCQVeYdnaBdVmX6s4dXoC9W6Y6Z1KKJJMQcZYVwLATCCrn488-MaA1tCdH1H86mXDlZbR5ugiN-5oiyPCYaPQKM&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDJmZjlkNWVjOGM1NDUwMWY5ZWI1ZGU2NjIzNzQxODVjYTAyY2Y1NDBlNGFmNDg4ODNjMDdiODM4MDM5NmFjNDcYpevEp88xSAA.&dlt=1704916492435&idt=3513&prev_scp=amznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D127%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx928%26in2w_key4%3D--3---%2C--3---%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D928%26in2w_key8%3D127%252C128%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D2%26in2w_keypm%3Dfuse-slot-21820906291-1%26in2w_key9001%3D2&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D7000-7999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D8000-8999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26zone_count_above_vp%3D4%26GPT_AUCTION_START_MS%3D9000-9999%26CMP_LOAD_FINISH_MS%3D8000-8999%26FIRST_ZONE_MS%3D8000-8999%26HB_AUCTION_START_MS%3D8000-8999&adks=1708490306&frm=20
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c849f624e9a3f7ecf31b8ad911cc2fca2c66ea1d5b596845f55e9034ced55aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45591
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Clink_hrec_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C728x90%7C970x90&fluid=height&ifi=10&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D6b1d51725ff6a40d%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g&gpic=UID%3D00000d3f405cc44b%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w&abxe=1&dt=1704916499222&lmt=1704916499&adxs=800&adys=1067&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x40&msz=0x0&fws=4&ohw=1600&psts=AOrYGskxI3y2RZlw8m1tdD7UqY1K6JpEUa2Kd9YmT8kRPm-Zg-3VAruI_WNwZfTCNUSI4JQpQn5aKhCw_AZ1NeSKk6WdPs2oDrDBc54%2CAOrYGsl8Cwy0ZQhiPhyXTxrVphHcF-Q6BOU3DZFvzIKOYIVtT2sJUym8izDUsEvcwv_t2-R49GR9C8eeHKmjiyiCWcxds6iMpCH_Tag%2CAOrYGslbNvKj9dOU1pTYfL-V6hQrdq45bDKptthRgzg25Tu2MJSfXKzVeLqYWkkK_i63d4Ukzg1YY53V6N84cmBrKCO3jJZXIzhqS7c%2CAOrYGskuG2jC4Tn2TCQVeYdnaBdVmX6s4dXoC9W6Y6Z1KKJJMQcZYVwLATCCrn488-MaA1tCdH1H86mXDlZbR5ugiN-5oiyPCYaPQKM&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDJmZjlkNWVjOGM1NDUwMWY5ZWI1ZGU2NjIzNzQxODVjYTAyY2Y1NDBlNGFmNDg4ODNjMDdiODM4MDM5NmFjNDcYpevEp88xSAA.&dlt=1704916492435&idt=3513&prev_scp=amznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D22%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx928%26in2w_key4%3D--3---%2C--3---%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D928%26in2w_key8%3D22%252C23%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D4%26in2w_keypm%3Dfuse-slot-21842489290-1%26in2w_key9001%3D3&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D7000-7999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D8000-8999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26zone_count_above_vp%3D4%26GPT_AUCTION_START_MS%3D9000-9999%26CMP_LOAD_FINISH_MS%3D8000-8999%26FIRST_ZONE_MS%3D8000-8999%26HB_AUCTION_START_MS%3D8000-8999&adks=1819770311&frm=20
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
928e02add69a4cbcfb68389bb04b37819d741d5676fe813948dd77c871dfe179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20979
x-xss-protection
0
google-lineitem-id
6135185025
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376945797
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=11&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D6b1d51725ff6a40d%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g&gpic=UID%3D00000d3f405cc44b%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w&abxe=1&dt=1704916499229&lmt=1704916499&adxs=800&adys=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x-1&msz=0x-1&fws=516&ohw=1600&psts=AOrYGsl8Cwy0ZQhiPhyXTxrVphHcF-Q6BOU3DZFvzIKOYIVtT2sJUym8izDUsEvcwv_t2-R49GR9C8eeHKmjiyiCWcxds6iMpCH_Tag%2CAOrYGslbNvKj9dOU1pTYfL-V6hQrdq45bDKptthRgzg25Tu2MJSfXKzVeLqYWkkK_i63d4Ukzg1YY53V6N84cmBrKCO3jJZXIzhqS7c%2CAOrYGsmIcwqKek103qUTerVrIam5PvCLhtHsM8pK7fezoEkhmyigXB9roFTgELBWQeK8DkdFMW6VM-ebxW_qQXLilB2d4YwiXFg1RAE%2CAOrYGskuG2jC4Tn2TCQVeYdnaBdVmX6s4dXoC9W6Y6Z1KKJJMQcZYVwLATCCrn488-MaA1tCdH1H86mXDlZbR5ugiN-5oiyPCYaPQKM&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDJmZjlkNWVjOGM1NDUwMWY5ZWI1ZGU2NjIzNzQxODVjYTAyY2Y1NDBlNGFmNDg4ODNjMDdiODM4MDM5NmFjNDcYpevEp88xSAA.&dlt=1704916492435&idt=3513&prev_scp=amznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D6%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx928%26in2w_key4%3D--3---%2C--3---%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D928%26in2w_key8%3D6%252C7%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D7%26in2w_keypm%3Dfuse-slot-22851126297-1%26in2w_key9001%3D4&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D7000-7999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D8000-8999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26zone_count_above_vp%3D4%26GPT_AUCTION_START_MS%3D9000-9999%26CMP_LOAD_FINISH_MS%3D8000-8999%26FIRST_ZONE_MS%3D8000-8999%26HB_AUCTION_START_MS%3D8000-8999&adks=1905034420&frm=20
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e0e8b227c432e553f717e858786d42c2c893c0da9e0ecbed5d885f7dcd2ffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20524
x-xss-protection
0
google-lineitem-id
6135185025
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376945776
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Clink_hrec_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C728x90%7C970x90%7C970x250&fluid=height&ifi=12&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D6b1d51725ff6a40d%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g&gpic=UID%3D00000d3f405cc44b%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w&abxe=1&dt=1704916499235&lmt=1704916499&adxs=800&adys=2137&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x40&msz=0x0&fws=4&ohw=1600&psts=AOrYGskxI3y2RZlw8m1tdD7UqY1K6JpEUa2Kd9YmT8kRPm-Zg-3VAruI_WNwZfTCNUSI4JQpQn5aKhCw_AZ1NeSKk6WdPs2oDrDBc54%2CAOrYGsl8Cwy0ZQhiPhyXTxrVphHcF-Q6BOU3DZFvzIKOYIVtT2sJUym8izDUsEvcwv_t2-R49GR9C8eeHKmjiyiCWcxds6iMpCH_Tag%2CAOrYGslbNvKj9dOU1pTYfL-V6hQrdq45bDKptthRgzg25Tu2MJSfXKzVeLqYWkkK_i63d4Ukzg1YY53V6N84cmBrKCO3jJZXIzhqS7c%2CAOrYGsmIcwqKek103qUTerVrIam5PvCLhtHsM8pK7fezoEkhmyigXB9roFTgELBWQeK8DkdFMW6VM-ebxW_qQXLilB2d4YwiXFg1RAE&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDJmZjlkNWVjOGM1NDUwMWY5ZWI1ZGU2NjIzNzQxODVjYTAyY2Y1NDBlNGFmNDg4ODNjMDdiODM4MDM5NmFjNDcYpevEp88xSAA.&dlt=1704916492435&idt=3513&prev_scp=amznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D262%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--3---%2C--3---%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D928%26in2w_key8%3D262%252C263%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D6%26in2w_keypm%3Dfuse-slot-21847076120-1%26in2w_key9001%3D5&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D7000-7999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D8000-8999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26zone_count_above_vp%3D4%26GPT_AUCTION_START_MS%3D9000-9999%26CMP_LOAD_FINISH_MS%3D8000-8999%26FIRST_ZONE_MS%3D8000-8999%26HB_AUCTION_START_MS%3D8000-8999&adks=512774694&frm=20
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ce00a1d0fa4952890885e0c1e0d75a651d957e670d8242824c0aa63b0689eea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21008
x-xss-protection
0
google-lineitem-id
6135185025
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376945782
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5D53 		0
0
css
fonts.googleapis.com/ Frame D5C2 		8 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f138.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 18:43:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 19:54:59 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame D5C2 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.css
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:51:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:51:21 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame D5C2 		378 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134337
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 22:12:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame D5C2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
38835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:07:44 GMT
l
www.google.com/ads/measurement/ Frame D5C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2-PqOn7LUjY9AgaKYFo0ikHenl_-c7fR1MzU3bLpHFEnocMy3Z0HppK5lObLGm_VaUwet2rCUXAqArosaEH1Pb0yKaQ
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D5C2 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
126558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Jan 2025 08:45:41 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A9B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:77ae659e-f614-4b00-b80e-c5e00b9cdb8d&gdpr=0&gdpr_consent=
42 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:77ae659e-f614-4b00-b80e-c5e00b9cdb8d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 19:54:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 10 Jan 2024 19:54:59 GMT
Expires
Wed, 10 Jan 2024 19:54:58 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master ord ord-pixel-x27 config_version:"1604"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:77ae659e-f614-4b00-b80e-c5e00b9cdb8d&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 7263 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:59 GMT
expires
Wed, 10 Jan 2024 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
239371
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3FD9 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID9751CC68-3D62-4259-91DE-A54BCBD0BACD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 19:54:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Z4Q3VRR5JTR1HTTJ9WFQ
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 48D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=119533
accept-ranges
bytes
content-length
5622
expires
Fri, 12 Jan 2024 05:07:12 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 48D8 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9751CC68-3D62-4259-91DE-A54BCBD0BACD&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.58.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-58-229.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.104
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 48D8
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1498019956
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1498019956
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
via
1.1 google
last-modified
Wed, 10 Jan 2024 19:54:59 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
via
1.1 google
last-modified
Wed, 10 Jan 2024 19:54:59 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1498019956
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 48D8
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9751CC68-3D62-4259-91DE-A54BCBD0BACD
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZzU4UVNjVnlLb25SeGFsU0w3OVJrQWZPUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=9137344626810906505&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.210.103.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-103-224.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 19:54:59 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 10 Jan 2024 19:54:59 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 48D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTc1MUNDNjgtM0Q2Mi00MjU5LTkxREUtQTU0QkNCRDBCQUNE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 19:54:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 48D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENCEFfG27TrPusuOSXqLCKU&google_cver=1
42 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENCEFfG27TrPusuOSXqLCKU&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 19:54:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENCEFfG27TrPusuOSXqLCKU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 48D8 		43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 09 Jan 2024 19:54:59 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 48D8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9137344626810906505
42 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9137344626810906505
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_smrt_n-inmobi_cnv_n-sharethrough_n-onetag_pm-db5_ym_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 19:54:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9137344626810906505
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame 452A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumDb1uoiForXgOR0YfFQhBI4MwNWfkDwxNPFX4yxAvVVr6xELd6Hp7GtT2-RsKzUQp0py_YduQwoDZZYgGgLfHx3O_fAEjKST5pCN4EjartXkaW53GmSvo_SVpzVZeAEUGqVYoxq-wlAcZ4ttKxnYSsvy07hL43CcUSvT-zxgm9_H4ZHS53E9alUpTuDKHY56wKzjKZcYcuV3SHziHDzIeSFZ64H-wiCYZlCPXYF-RSZoXJT2ni8dKKAgQCfwsAdw269O9muKwOuNb6_4vl25z52--CEgkMcNwhfLC0sxmf4qJpeLMMqWqbzRRTy2oYEEqf5NtrWVtKPsvjKZWDkMgtniDyiAu_Tq6tadsmHx-mjtJ3N97YSKKf5WS2Qvs&sai=AMfl-YR-oAd0znb7WbIN-8fE3NqRI0jz29jvJWsKmXvo7-dXv7AD_UbbhoaeDjeiwHboXk72gzUM0ADDzkXeB64WK_60mzmGuuV4nJ8Cg3H1u9op9W73WYy1sSuuhLXZVA&sig=Cg0ArKJSzA_pGzsTOpLcEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 19:55:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 197B 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame C6B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspNYze5sWlqnPwjiAuPq3f5Dj4EBu-rYLt7sF7dmIfAoTh2fLPkKtvEQvPwcckxU9NPaMjCqzMrBb7Ui9bzAFFxUudYMW96Nupg7NnN83ZXRMT9JL4EQ0KWGW455gvignwEtEgFpK9u_4ai42RNcEoPMKUmnJTc4l7_BIWB0p1JHVu3eTu953A0NVzBGFVOZNCCVVyeZhKZnfa4jnGGQV2MKUdO4ZYss8FoLtleWCxpv5J3Ea8IEG4P68-uQk8tPui3nEMLB2nGyFrnLKYRJ7Fy2qFf5VCeyJCDy0wcMHiVhtqwdqwerc37JdFj7VSI8BQu2XG1Zbtm5ME6MRq8Xqv3dX0xraMNt_I8xKbGxmte5zSDLDqrmcXfvxg3-cPNe5RgHY&sai=AMfl-YTtZujybA0bofyUSdKwYt6IVYDSEkdLfspDtjNinAlrKXgjidJx9NN0prRPTZnto7702xAGEQt2ku-sZDpmQgjdRKH6QL-G3uabzdzhG9LbZp9locciP927k-IaOA&sig=Cg0ArKJSzDMjCD4FmM66EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 19:55:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7E3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmfvVkFNJ_2OMR7TyJ3CaBObSLrKYnOJc51OMddArV50XrKi5_8TDzCRYoQKz9grteZSYGLxYOK_-DVq-xGsQoLQ8HV9xUqKTnrZ1E2s6cVcQ-wSvm7IwQessdP-E-q3ZqqyiCBvQsTNpw-UQ-iOvzrvoL0ZHbLOapqV_krj7DAYTRFvBFk2RKCW9F2Qb4NTixKEhh8m70xpdvQt5IoC35HY2YtMU_SRpF-wfmA54AwnT8acmQPx3AqNLaG8tnnTL4fe4A7nATLQgMV7p2EQCAnlSlq14FZKGL_lEB-TeTjL5shqJv4EE5UV_lJ0SPHU8SWvLWWnhyfesQuwflVYAD6W26FGoHkK77CNkyTPwYRKpmObhm237ezBXTI99bhP9wVLY&sai=AMfl-YTPYhZpcdCv51TiP8e1CHIthhZxkEos9rU9Uqb5bqyjkFemZMbKqODKeBk3nLD6-a-5tS_XgCJ99DkJzJ3KWDTtt-N_EqwzXxZN6wp_a4AkQwmQwgqSs8IuWnvSgg&sig=Cg0ArKJSzATM7vExwchfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 19:55:00 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9C37 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 19:54:59 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 9C37 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 12:23:29 GMT
style.css
s0.2mdn.net/sadbundle/3426037002007478272/ Frame 9C37 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3426037002007478272/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
fdbaf446a18be2829f6500078e51a46bea93f0b7ff9bb634b959f9e3aa9042a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 00:00:53 GMT
date
Tue, 09 Jan 2024 00:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2137
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 09:17:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
css2
fonts.googleapis.com/ Frame 9C37 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f138.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
logo.png
s0.2mdn.net/creatives/assets/4902406/ Frame 9C37 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4902406/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:40:10 GMT
x-content-type-options
nosniff
age
889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2869
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:49:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 19:55:10 GMT
main.js
s0.2mdn.net/sadbundle/3426037002007478272/ Frame 9C37 		22 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3426037002007478272/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2142b46e9d361b98bc264dc4ed891060a62677ddbb0f23b9c20f21b5ec0e47c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:44:55 GMT
date
Tue, 09 Jan 2024 08:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126604
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4149
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 09:17:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jan 2024 19:54:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5D53 		0
0
container.html
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4840 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:57 GMT
expires
Thu, 09 Jan 2025 19:54:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E78E 		261 B
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYrYKr7gEwAQ&v=APEucNV48SD25f29WAMTfjOeRYpn1DtqVa782PlHq3H7M9KD9fGa0uMdQrkpYpiRtsUvVnteO1ATif_ImP9xakJoVszOctWtJMReYATskgInGGgUq0px4OA
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
de65fe178ff37377c8d3210ce8c5131184689caf095b29557344f2763097ba37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4840 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4840 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dx8h0Jdr6pfKQb63LoI5yyKylkbSB3nGU5jfYCkHzvz_6RGk7jhPlgjZqraE-3cMURmhokYeQQFPdDbtgs7rzm9DxVNFm_3armETzH90i3HW4BtO8
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1525570/72171815/xbbe/creative/ Frame 4840 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1525570/72171815/xbbe/creative/adj?p=APEucNUppgYGcrjksNsWH1PmNUnO_RFmLxZexljVxae1g9KEsjW8MAs&d=CokBAKAmf-DmetImTTZMfMqU-SThJcDKuncq5uMMKXX1eSc181sPh8nBf3NqfFW3q9Zq6QpYAtQFj91EDrVdNFEQ9HEyGHmvMaEVtAFx9mSgd_Vh2SNZkX0Ykj-IQzQhPsjCsQXaQ1y1_mX25UEj4dRhCP9DA2phmw6T9b46C317qnSDdvOAqQVF6R8SmRUAoCZ_4N8HUCJA4cAZlEt5MgFv-8kHtqoisoBYPeDLcdqIl0OeyuXyY2-uUXOvIFgeo3s379KqzNL-uCOKDH3zxliBF3powr27qLvG99lTNJc3Pl87iPEfiDEGllBHCWwXNjo9-RjyF5Z4BtEnCMG1--sDoigjVZ9j_HK565dgCcwvReKjv3NMTuKeTq7skLGSe5EyaFFl-_uS7CNqTgObSf5rRtPYmiD3o-q9eTevq96AhKNvxiRy89Tl2PMFmYFs55PNHrNtNx7oVqmWgJgP8J9-ybQowIzLqBZbhHC0XvnjcbQkH8XxGJO3qBXSXnKi5BuTjE2jMTCldo51myVoDWLk0BBeMaTkUN6KroNjbSO-mVM0e70ur7aUQ7DgaR2vjJt0PlTvaM37IvGZ8_N6IWeX9A_NbIRyrlmt6gmyuicJpSOuZwnxArpcslXhbUj0odHDlTJc5B9AERxNnOc3OlYVE7hKQ02QvSIqwdSDv7_K8vPtbNaLCY-OzxHfxl8gSbdX5CAn1CEAYkO59rM6IJSpEW5F3yfUYSmeMOhP80iT9uVp4_PJbaUYXpFiBuXqH94Q7Tj9OD2uGigBUTDY_0GnAPJmEAVsMVaFMz0ntflnKWuBDOG-3RS13YI02SwPL8AFk48i3Fu2tN6j98bEej_BQeCeV2CJC5k9M6efzx2QDkkizi-QWn5z8GR42J98f8vA_4GIib9QeeV4JQ_Qs8zq_Z1Nvh1Z47MD1I0rOaszC4yedLJE9Ky-cHB-gFHGWUpI7DZrQYVKvroVQaI5FcaG3Lk640Tg6rrKsOYvtXSxhLZFxUCSKLxB1x04Ps_mZNqqi1h6uZyBEcQ_LvEAlYe-HM-WG4r0E5AfZDfU6yjGqJgSDT6op6Cp9UKsjpK02lsqryUt4LNHSL3akSSBPgrXWwnLJ5GtG0rblye5QCMk3e6C_PAll9-d46C-EdKlSSEQAUJ_g3lw3kIqSptjP2lnp-1WgWqzilRzEecoTJTdHgYDIyOMDnTtN4n1zkvDSCULTcY0tedGA5lVONCpW2YaQBcsPzRyuNdaYxL5JyfjVcDA3dgt_JXexvrOsr7p5-CYL-7ggo00oZ9IMF4ZJsQwkuMWAplgE2oyZo_mtxthJyd7KXvaOgpyYgcBdaefYpUipHux_BxnyUk4eAy_z0-jEENDDPYib-bs0jDFgoAOE0gO6nUtyC6LbIkRdvo57M28XegGNTFRWbbeUP3zGpB_CWVBI7nn2Fx1tYV0FfzcIIBZaJGyIW-MqKj3xHoBdMyjcRDyoBtrGJVkHNlwU4YZn_BWWwYxOsUu6j6fq_8WNSMFSJVN4mzg-yj2ZiNnWAZmSzAyjXGKmeEyZvQNPjZz2WIVyT2xPy5j1D-xWsq723S509CTNHLJU06S0BTnotDmGDcY3ryZOQox5HgiFzZoJ3OrFPBHrPm_prYYLajo5-qwCLKzzDR-Ax-ltGK-ieMSbvy58XHMwmmVztuFyEpwohQAwSgNqQ2QVXH2JXxBzaUqKjxaw4BuvzK11WC9c8Rrd61hrUcObhIhBrojGwc9ylDlFxhX8vVei3qR7T2Irf3-6ut4RLW4uYzS_o0tunjLuBLnC_giSCyhsFrDfQIsSbHgeP12IipQfRpg37v-ToIvoobuncMwx-WpE-a7CeEkw4xHbezBTu5Z5BrJGK4GLerXjWcG1ytzq0dX4I2uSRAVgdqBuLiFAqBOpHlbtXuF8CkUZumcsbwkAsgOtyq-4enfyOApli9ZOlqlQGVa7j8RixkZ_MFA0esyRx6b_U7WXmA759AMSdlkFBhVAXFYBIditZDXFUYhBQDmsHwkV21BXPXRCk6UEIuTwv22RYjAzww_rbz1Jy8q_eJhiAuCRHnjoI0aO38TEn4QUUTNWb6Hr7GfXP5qLnRel_nQp0pJkt0-I2_JfAa_8H33iuI6sKAA6-duZWijbOWGydxEsyF8_6jhzzNfXtpZxxl2GS7KjERde-DWw-Q2xlt8mHj78nEhIHS7D77z_c1K5-FkWEJoGadE_QdH_zIJ0erVvwrfWOG8vuS7_o1x5HQPYTNG0Wh9BfuRSdU4ZkhQ-mR17f-FdhayAoRVCme4yh0QRNVZlXd6SQRVn5E7-LvJezWgl-fwPHz0aN60pWT4uURqzuS4FEHO9pc--A4Mh09g_ISdL4gCRtPTeDwEqBX-iIdfAwYC66gwWsoEjwWiVlGOoT_7zOwz9fmRyO6j4MLUJeavRxbTwBRYrWLUwcRQTREJSiOUnIn-UCv3WUndnwYEOAlays8JLDD5-j9M_3xSYskA4UWmKGPs8fZS-fff3UbamEIIRIXp4kpXfAeby0evAdaIZF7gdgkviLBqhC4DH73HTGP6qfYmX_tvMD5SdhCLjPa6Keh5OiaWtsW8pFby8zX0vaeCzW7t1jksvswAsWCQjJvnvIYPhwFtzsxbv48AC1BjYImgE_gYUG-aXcO-HhjoydCan_wl2bs8Xt0XfYednXMMlzwohPLDw-jC-YB-SYj0k_yYrf8yeXqspHjQqTwsWgPvGEIC2Fhpb9KG38v1LBSwcS9ZUqYvYU5lEyFNwA_OGSqqhnfQ_hWBYmqdkuK3nsqg2yBiHQ9jlC_ScOakrbKmNFfP9A7WeURCGYXVJKVfG9hmXfic2SAv9BQh5RApDN73cjCdgWWo4JzyoI5ImjKnXZ3XPoSC1WYQ-4HEqglQtotsrQiPck4FXyDzQOgwvjeR7zXP-qGH__sz4a9eCnkjtvHHF1D9_Xh2MUXhMB1H1hidTWTtfhBPfKBRFC2HYp_LSrHInaOywr1EBEukCgI49zRRTl40u-3I4XwWFfX8SIf5uo2D1bcjrpjiBPoAJecQERQ6tgc4cYQ6ilSREFxfacjKyGQeRtAwOfSVEMwpMM3f_7t_TATDxusdzRSCh76_suFMZv0ydvVRO5x96OeWgUpjtH7oW7hGP_L6trjhe5AbDDcl0ExigjURcZjj9A0AZcIxEfePWl5_Hr4aVb2hxZ4dYBj5MS3s7pqiAYPOVE7_MPel0JOOg1hQpLrOoGSX2vFwzxv7UlghlqiBZyGvry_KN2MIxdDLR-q9T4legY1La491I75le_ztb-w_glbzzhHG7IdingYesFzVvtACgBB99gkW7sq8GL9uxgKTSguhCZEzi-yGNnY4tMO-n2iou5s8FtHv9FUMcrjdSRp3mBA-iCCsSqThOXl_EFoVIlR1x3IFeScQVarhT3JVxvmlpfvpU4s8mHQTgsifUk90WlLCA0CL-blf_PJgps-EMyIyEG4Olx_Aeacs5cN_-zjJfRB8sPXH9vZv9o8JgbOEIG5oHLv_wzIeKtZ2DORZ_VthZp3LA9JtyIXDbrTS66jdPaHrxPZZ_9QOOj6_xm1-UalWSDtQPKGlX92OoAy4t8od7ONNE53o1S0aIEeehBpMcoI3ASZamTmeW1a3nFU2DFD-fpqTQU1trSTIWN0kSWVlrcwSx02gsBmtwdwZ3VmryTilzgLDo_M8CJC8UyJlYi3UxilgUixsFYUvZ-PrLMz9JajezLpsg4gCC8_soD-31-Ad6h64aSnKMNCm3a-PxiezfNRaovRd_Ayaa0aUtc1wGkEIBBI7AC8eF_-Z1ENF6BiprJ2t1vQZLH6HlmSMsUA9D_pi7prza4Bw92vTdc_xSEG3Em76YDVoVpTJfrdfY-YYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013062319&ias_pubId=pub-5884294479391638&ias_chanId=1&ias_placementId=20276414284&bidurl=https://grabify.link/track/41AL59&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j5W1agTNWUTKpjftE-vMDE
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.24.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-24-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c2733c444c10951bd668a825e22b131b4b934fc8d2464105659d67dc81ff3f04

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4840 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
31363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4840 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
38835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:07:44 GMT
l
www.google.com/ads/measurement/ Frame 4840 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQKn0A0-Q0IQ-FxettWHeIR-FErZTvjWU3xeFcbIFPdCqgFgWP4fV_iTPMJZmpv2Ay1P6MVGt6Ol20V-IUVrFnlQweGQ
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4840 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9C37 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5310c328dbae70ce3e49ce1910261c80667e8525d1f2f5ca45a1f5d2a6125dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5916
x-xss-protection
0
60003574_20231212020154154_sublogo_sale.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 9C37 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20231212020154154_sublogo_sale.png
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
1f264f55c458c3e092b8d562e3805e2904ca9f797696e734afe3e7b6710d7608
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:19:18 GMT
x-content-type-options
nosniff
age
38141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3069
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 10:01:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 09:19:18 GMT
60003574_20231214064645693_02-03_kw_LG_OLED_65C38.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame 9C37 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20231214064645693_02-03_kw_LG_OLED_65C38.png
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
54e55a263a6e449016622cd68d5e2bb2a8e6db8448645fef1aab14b1f868f553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3426037002007478272/index.html?e=69&leftOffset=0&topOffset=0&c=ME4YkFivEe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 03:23:39 GMT
x-content-type-options
nosniff
age
59480
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35430
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 14:46:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 03:23:39 GMT
/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame E78E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm&gdpr=0
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESEA22wnN31nJwskI05Jcm7no&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESEA22wnN31nJwskI05Jcm7no&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYrYKr7gEwAQ&v=APEucNV48SD25f29WAMTfjOeRYpn1DtqVa782PlHq3H7M9KD9fGa0uMdQrkpYpiRtsUvVnteO1ATif_ImP9xakJoVszOctWtJMReYATskgInGGgUq0px4OA
Protocol
H2
Server
46.228.164.13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESEA22wnN31nJwskI05Jcm7no&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E78E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYrYKr7gEwAQ&v=APEucNV48SD25f29WAMTfjOeRYpn1DtqVa782PlHq3H7M9KD9fGa0uMdQrkpYpiRtsUvVnteO1ATif_ImP9xakJoVszOctWtJMReYATskgInGGgUq0px4OA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4840 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1908059907729&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4840 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1908059907729&version=m202309260101&ct=76&x=1&cor=9137077900017383000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4840 		16 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4wJY2-exkwDw_SaeVGTQeHIrtMSmsCMO7guCMaj1m2P74bdT_JOGO6HALE9hHinpBQVHZr32HZVLNfMBrHHsmzTyfUdLvsS2YLmquxzTdn8Eib3KIIMswhHu0DKCRPz5XVfEVjF2c6YDejt_4EH23mgqU6ZRQptGFKzvhLA0bDYVQRUk&cry=1&dbm_d=AKAmf-Bn1wyewC9brpw9yvjGpsMp-5WmllmcT6nrJVF-KjBbkapRyk0rx9zyRZpYyyGQ-uyEE8IWMOjgF6KGM4HxzIaQtF5VTDBdvajEIiMkxO8psPKMtggOZBI_DXVZhTolHyBoneiKiegoDn501pF9Nc7ch5LsbPUpAAx4jyX4ZAHgxIrLZj3x_d8bi935i-vm_hji-EWnMwcirhjS4IT6CsXH7Lf4NWwl5xXKMyrCtANlMhC0bjGFOcBeW2MriVd_kazZPNnuGTyLerJPLPtkuQFXYabBe8TVjLX9CFj_3Dt1dNyDdq-heij1DyDQHk88bU7g-lLvVs5LduNQzkzhBuqKl7PQMAM0An_g-nGwFIPvC6h_XbvZl930rF0T5mPfMfiaVQQptEXJTgxm059aKPk9pCPZ47ChRDNDb52e9eUWzIdS4sqWgZ0BApmULDATMTgm8R2LvbShxZ_I4oERygblLCSA0zdPLJcdLXasgsggG0Q1efEsdz5hzS02hzh2mYTfErkxHbF2STwtDqWAQGF-hNVcWqRXBA8gE4MKbEJA6K2daoUY79LsK4i5zTeehQszDSNhMf62kx5K6wiNooS50FCTK4qBS5X2pRcvw5zXEwmhboyHEJNT2rEV-lxJizE6wLyG1hgyiKUWwLEOx7wfWFiPn3cTMFi2I4gtrvgY-yU1wE3OAyZ8eP-KVrdFmOPNVd4H6zWDLg6Xa8yTrQKt68RHiIJ5ndINFrtvpu39awunq2jS8RnwECRr9EggtgSDHHPJrjY2F4Kc9hsM1dJQBS6YKBXaVCCA0BrXwH4RrhILCY6ZrhrqusbTrOCV3GtNBx-cFttAwZ3lTX74bFaLbIbUy9HZxWvgMrDc5fQZmGWMnvQ78kHmuOZBr2mN_8YhjzTCNLivjAHl3KRO8AWiqG2cOP2DkImSnX50wWRf-Jx2JBd3W4SEi8a5ZRH57CKVRlAZTRp6GNMO3XJlMLLsljdis0GLNFm9azJxr0LePvX484lpif42vjaFNH_ZrOjzIrmzL6emMfYlJHHKU7x0Y-ReNMdyzY99HdVHKZMvlnNzJbY56ByKsjRu0PA3jyLLiBTXlmqqQLMP92Czhf8l9GeOe_ZWMNQZkxo-CJv082NBHRtVclsjyzPULMHWs1tvXlvKvWppehBqZxibprtfz_T9MXpanmaai9dVJu8D7N3jKH_dY5JFLaxxZc2EhLp_RhlxyV1fOAGV7So7VIloIPNs2keYoH5-WXCjS7ZNihzOL_8Nibkl7tCbfgswF2FmuEm8lnV5gNabk7OQfBzPpItBirLVDZ1xoMf-y4VcyYrTq7rYo7TmPavROGwEBWbz2ZgDqlQlzurGtmMws3JnwiC9zoy0w_yg-4GaOODz5K2Fz05qbqOqVZDcKnegjI0eQ77bLrCIAYeLLZYxAieTkQ-HgObDHnMHUxtxIUlona9DMH8cqtth0h_Sq7Vlcd2HTpJ_bqTXMeZx2w_cU4O9qjPj1ImQWkvNKFiHHuDz6AoXDW7sYOU5YgTDv24AA09WLJpSY84dwr-MqlXQDlXDz3hHjJRLCoy-qmaSCiCc6-7uKKCnI9n14S9KivjpDTC836n3KlsgJ94ojxR3VwyFKrTCTKnOjzLY-yvqxd4vHNYeVSmHfPmIw2yGjGTONy_7iAEuDVm1jmHf8nH9OXBYRYAz0kdj241aHN5aiEcX1rpaqq3mPL9X6UHdLQyDy7_v1qOLKTK-5vxL1TbOdvbIGx0zYQHZJGVIKCCBbeHDjlOzry7NmMLzht6yLcxrWPgppLs8Abn4rUcP2D99c8_7VZGv0Ns0DtKism7fTIil-IuhxKTWQMXQ9WD3iD8winlDmA5T1bJobRyOrl3mF2qIJ7hWdZ18H2qr5V5lKWNQ_YVlwC3-sB_weZMSdDPXgygDRRfMTlxghdg-U2GXHMOF4JAJqfph3TxOlwJGNvFBT_RQHqh3gCA19zFPRNXyf35pJTJ_A7z2ox6OuBcTOiOx0vdSYLuftMWgYIA0qtkDSxSyrR0Yu_hygpIAHSaaJ-cMF6moXE8_zi1CaQG7lGncWyvGRNdwldLHE065jQbX0lnGJoyWYRVua0tTAATk6wES812wkb_mTG-j155-ycCsKJDW552nMn96M6ukco8D3Y9NCWc9gwS72UMcyaAHRMaImKtLUCN09eSQrZQ-J70LwnD-K2Fi6dla5ot17DGcVaecDK3f6KQUAPmdyOxGkNx7MyzpXniyWDYJFa5T2MFoc9ZfUs1vKl8Nu6hqeOoSGUaHKjzTI4MA6x6zQcvx2KvYxSemrg_FVUuN25tbPLjNOxMvR2KnN49xaqRCh_Iedu-GwDl0Up9h9OShqLA418xyE5C3l_IUhLl0XmKCFnSiL_WJbyvfM0O9PhNKA0PgA3wGQ-KHt9OGnezdsBIWNgJywida9dVieKOH0Vq8yZ0pikIFbf0TdREZRLk52EZcnKRV6SDsZIcIp1mJ3Sx58j9WW1T7JDf1FNthLAfqGnSRygAgTcE9qqHUGvnscF73kuF_VIsI8X2Xzxdo3bPiOWjFN2AcZBrlZyo8f_nRm8T1bUvPbYMIwm4Knfv1hqGE-3teiKeLVhzpVKNskNLcwb0yCsmS2l9mjhNWoE8R9qXsqufFqvceeZ5pOfNmdnlY-aULc1MJtt4bglRGh5DbYYXEpeqGoLp6447MNGIqblwcZTcXi3sa08DVlZc3ScAKhnQYooY2rvjA31EV1JZXy0gc0JJxacwddsr-yMAFekFA3unJC0Aj1kqNLzfCZNavEhe6EkAezsAMjYRoEyCVvQ76CgdZmOvlKPXglCTnSYfxee86Mwq6m0jyaU2wIo-A3arKMGVGP2fEttDX2MAM_q4sY-LAA8JPnj4lSNETAiK5R7ZJSn6pOtTu2EZnPsXR5JO90gPGXLF-wfH8I5ysR4iTrJ4P6vSL8vZySke0MhiuzZanBnUmETcQjHBR7FXjyN4FRRKBZgduN1eXOfkis7UeADM_u2FFswNz89VyGE3_5FqCQqJ4HkwfVVxMsg0XGj6NxPTxaBY2eaJFO6ul2cuxkZrWxzsDvvG4NX0CYa-DAb6St86_-qH-j_AdCQv1TFvilTiTNWmi22roaJDz6w1ZdFtB6cekSjDctaiAvNApurQpP4VqAAoU0Cnd8W7VOwXPogY&cid=CAQSOwAvHhf_mdRDRegYqaydrdb0GSx-h5ZkjLFAPQ_6Yu6a82uAcPdr03XP8UhBtxJu-mA1aFaUyX63X2PmGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgrabify.link%2F&ds=l&xdt=1&iif=1&cor=9137077900017383000&adk=1033480540&idt=129&cac=0&dtd=84
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ba1cef82ea17d6d550a9a7771f1f7ee5d555d510aaba8f007fecc6832e8b3772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12543
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D5C2 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lr879imt&c=3695354099960&slotId=1847677049980&qqid=CPnei_LM04MDFRMqVQgd1vYCfQ&fb=outstream-lima&sei=44752538%2C44807615%2C45401791%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318475489%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D5C2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options
nosniff
age
443738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 16:39:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D5C2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:47:28 GMT
x-content-type-options
nosniff
age
126451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:47:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5C2 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cf8wGEvaeZfmNG5PU1PIP1u2L6AeeoaGuXKH56P6fA8CNtwEQASAAYPXVxoHMBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEF4AIAqAMByAMCqgT8AU_QljP2wQT-hfbIuWw3onm_z8OECfrjxXD5Plm9rLRGEYXIAJwJZTwl5P7nzMKzh8h66smzSvEjpCEqBw7mmYizOCdQWc5A6MmktWKFVTYUCxGV2qk_tDTuTqZgGsTHqPGkWJxv8FdmlImXmz0L87b8wVrBRPNuMIKUG6w6SKI7PrbTqjJEy6uTKM0RA-diDmnDc66Eqm66fexi5oDakMf3sRRumdHNEWuyNX4kH-SqbYBtuWPA9SleNt3XOuIxvIu0bnz40HiZlR3hLVxxb8x5P2akN7wUMKvkOawDDY1RoX8-_q9hPo8ztT4e-BH-DE6vUDWvtFu_VINCreAEAYAGg8Hfkdnl7-nRAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS3ojyzNODA_IIG2FkeC1zdWJzeW4tNTk0MTY1NTEzOTkyODU4NPoLAggBgAwB4g0TCOGeifLM04MDFRMqVQgd1vYCfdAVAYAXAQ&eventType=clickstring&clientTime=1704916499872&ai=Cf8wGEvaeZfmNG5PU1PIP1u2L6AeeoaGuXKH56P6fA8CNtwEQASAAYPXVxoHMBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEF4AIAqAMByAMCqgT8AU_QljP2wQT-hfbIuWw3onm_z8OECfrjxXD5Plm9rLRGEYXIAJwJZTwl5P7nzMKzh8h66smzSvEjpCEqBw7mmYizOCdQWc5A6MmktWKFVTYUCxGV2qk_tDTuTqZgGsTHqPGkWJxv8FdmlImXmz0L87b8wVrBRPNuMIKUG6w6SKI7PrbTqjJEy6uTKM0RA-diDmnDc66Eqm66fexi5oDakMf3sRRumdHNEWuyNX4kH-SqbYBtuWPA9SleNt3XOuIxvIu0bnz40HiZlR3hLVxxb8x5P2akN7wUMKvkOawDDY1RoX8-_q9hPo8ztT4e-BH-DE6vUDWvtFu_VINCreAEAYAGg8Hfkdnl7-nRAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS3ojyzNODA_IIG2FkeC1zdWJzeW4tNTk0MTY1NTEzOTkyODU4NPoLAggBgAwB4g0TCOGeifLM04MDFRMqVQgd1vYCfdAVAYAXAQ
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D5C2 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lr879in6&c=3695354099960&slotId=1847677049980&qqid=CPnei_LM04MDFRMqVQgd1vYCfQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.17s&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame D5C2 		33 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ANFmTCIcvU3ULFAFaFlHsFKQ3W1UAsf6X0Uu_af968Pey9IKodGPItXSjHnrMobxLEcp4seUq9cU9TvCC-w-BIDPv3-Q&dbm_d=AKAmf-DOySrtk0NlcMnManQvWGb_ZB-J45RtlbXes3Xl2WrpvEghvhWBt1NdnOgwBKPMXDhTeCsE8xOMmOatYXmwsNYaQxXj4fNoc8YdFx-Of7HcJJa6d7vexPXy_eKMRuiihh962E2WgcsarWnUeLfLB12BatL1UhK94ODFKavE93WPe43Rtfe2VH-cPzZ77KiC8zpBzgSJkRa6sxse1XL2_eSQZ4_7vmQ6VY5a7zdBO95xBBNTT0QoxFC-3lpoQ_PJo4GUJvhnnlZ9C0Gg76lr8MHIN8k1vyDOmB_LsKD-aGk78cFw4iMqzQxp_o119UpZxsyjhJCNCgEjUYOmu7_SEPUkjsREsMa4tzTmZcsL4NVj_FkpgmI_fPMbiKCBaEtyOMsyaE39J8KUpGIUcD9Qoebzw9vArJ4lDwx15gzcKXIlKBjSIB2adMFNnBVpU-fWTT2OAkv5kF0UFQBMACSUtcfK7SqbBnsB6YxSXchjd_16cGk5UpblA79ioQVpCSoNB9nuxxpzODhLS8FBeRBr3KjLz-P50Ij2icM1QPsYCJETBBSEqdFRmd7Yy7ZOAiAQ6j0diKmjNGeMlByuaCPDq_zcwCyFkpc_yTk-XPyR4MAgtz1pznB5eyMRl28JfR1b55JTt5IpBRZ8ZsLd-l8EBXbBbLXM4shnNVikrbxtPVh1iiOsDJkHXrGg2EnM2WYinSTQlmDsFvz9swVW2nLCLThWEQ5nl9xvwPbm1TXUpL5Q9iRsEJKCv7IabN94VnHuyEs7eXVT8Lv-5mtL8bEQ3WywVG1lTrS8rewdxBELiLvTf9vY2WxL6TMp1sARlnHMtw4_PBwklwRu5J0kmKlU5C9_HO2G1EYAZ5b5Eg44jG6ls9R5zHoiSRgqWJSgHimhNY5OjzHF0HmPK9Ax-ftZRNxFC6X5btWssIAeoenhvJRr6oKqStFkdFlXuoDFgtAILA9aarmrqe9tChSKlu0nFET52OJW6gbPt6J60uQ6D67CZy-h3ZOSsS7MxLXOWAwYTIJdW4U9a_8xlpwk6Y7_wVwpVdzyby5Dmg9EH3Stoly7bIkJPsuc8pHPkxs_twI-wGU9ERu4QzI4bSJNcBB9Zfct4GweunZTQf5VhvrD1SJwi3Hp_EI_IJIAfOMEF2AunKSoVyhbYY4Irey74mZw6Or3Ow4cT2_7L9Njjd2j2LAOmulkD0rhh2uj_u2dPJGzU07Sm1-75bQAqO1n0CTnzIaFk5HdBToGz9KdflzFvtL9v5DhR-167XEbFtoGLkxzoFqtytaeykQWaJI9Aic5P7i5TnO8ezY2uUoUER5myH-gRC7FOBKRWDSB3agt-KYbV_TKFqi19p4yuC8LO3zKv4zhCKgk_vR-Mg5G3ygguPhi7-7vwbq449xVGhOoqJP_gegtgbzM9leYatdhftV8Tm-SpRZpwZ1hnX-s2yitoWByORA3PVDYsJU53U0pT81N0TMNUBUolXeHxBCBxRCdpfOuuJXaVmrOzBZYEsfjqIPddOVwScgmhi1XC_C_2hdTn3npJoKcfsCNdtkDo3oIdB1ciSOz63iokxpqSkfDJkBIZBAu7Agfp-eneGbI11erLzCJYtgGZiz04rlWnTPym2RaxN7v3ZEjeK5mKIuIdDbez9dtIvzXNVR62ZpAehm_3o-qnsh1t-mYIixCSvcJr98C1PL6MyY6_lqNFhGYCxb99vqJqcHm_tsMAG4_kOU5ytG_T7cXEKIKutVbpju9TsIKHjuNkhpvT-L2IMRCSuKG928vgAg-JJ38GhMG692gJQBYRMnzWDR1ThRqAGhxeH1lTFjwzGd5uViNhwALNrJn0xGYwhnK0LPubpP8FT4WSOJyNlb07x7T-jhsc65vJJgCuhx2pYcygM8h7oLioIfXH0NBPUvQU2AsFfKMlOx2W7qcbql9R50QcOQ41j8udX--vzr3HII8vWkC7FI_6mO6aP7UXIv56Y-NwyoQy9gSW3iVSigsHpVdXsQnnXVN6AFWQfIhfvhW45Uc5pYuRCEzMzxdSFg5HX4frpxE_0KSa3Q8tt1JrbHxqVYETUZuEEy8wlJXrIpjFjgisWgOs8RETWuOtbZbpg-xQEGHAa6asYklItYmETAdX0M0jNN0Oh8qNhVEfObWpsuZJ8eFX1iIy0GTgx_KdYA7OjgNr68mAi3WrTata7tssodj6na4-Nf9rvjS2MQi6-vA5o7lKagQJ9dHst1Evn0zwPHlgug5txOCAVkdXg1VoOpe4AZp0u7-9kXr0EHvIvTXrkatBfj3Kctrx1RPBoMVqzXMfTi1CkUjU4EVa1aFz6e2qLkY13LrGo4cVYPIm-DPib9ASzaPKDCwGCkykkyavwrdJgZdoEm5caqii9XFB08Qg2iBByz--l2NAtnkU3cQ3TT4li8wmDekG2gNd9XMZD2CFP77kO7SuBNNNJRzogax6jkiXqr6XQW6bx9QzuYqLPWObwSaoxfrzgqxqmDsEmDZL6nzb_JJI41u1fDN6ZufH6n6mMozkt6O6_BAnvtMo5e1j3Y5XQFcfKgiRAiX0uec7k426jogsCmaZTsYdUtrlnIhoUXhQsgMGIJ4BmQMf-VaxfmZbTRvfE5y6EiV55GaMPZI2VxbrwM8_qM7WVnFI6m03k-r5ah5BsYMtBXraSSTDyNFB3JQNnrtBINTkLvKBl-783WddNXtwhv1bZrRYrw3EQiLWUZec7O8Gn98FFIP9nIOJb-dIw4sTbwg5kVp5QWRaEQYhCp1kjdVZBh7e4fKdz2Tm7i1dB9k5JR4U_9nZJcbsdp4Y3MOcFdMEyM1wIAFu4z8ZE8DPemWiWxrq3sS5DEN-GNj3VS2Z8BcynaZ3pAAFn5eL8bRgms8e1JS8vU7YcR6u9GEf4U_J5H1rU092uBpFkNp4gOsCH0aDPg5unGCdyb9NYsFNkzBCEvfVlEoJrLoBscVJYoCihzG3b23_57NyPOAtoDuY-_z-nH9EeSS1aIvWjZVS6JvIg0fT2QK0KNNZEvVzE3OzogGbPf22ynPOWhSPPSb5we3HbtUuDocRbxP8SmE-25PC7EeGlKhCzE1vk7Fgsn5cXbDfw17U8rdHirwQKVj4T0AEdBxCUBLiTIoQBqb7ANzDflpTsS40A9slQNPVnXYv_Y-At1jMUah21UYm9afbOxhyDoK6V-RkxhCpCSxC9KOhoEg6HUpj3g7CgQq3UZYY_KzFRhXYnuL1gDMb_lG9LXHnIzoypuShxbu_b1F93_TDpsBd8GWLL7PzhVkpANshHutmLHLQSoBZYKTQn1UMN4q6m8B-Rvf9eP5eHClM1VNBRgIPlufjc5fDxxGFNhTtqW3K6-mUHWyiZJBkRfyNNap3FmBZ8rz4aslKw-C-JVQ5yZDaNplTpR93jHERAgdhe6M833w-qHXq6ypgejLJazmctgG_lHEjxEax9J_v96GNMljJAcZ5pblYunrpDwMFUhbmdUc0VYi0xDLVdF287uAls3a14I1I6XoV_Z-fvx0fWFxOW530uiQOqKPsyP3uOTvAQ9RQwQoUSqJsH4SkRgEhMCgByKoN-NhDLH4zwLwmQoUym7xccHEn4fbX_LrbW7Or0dQBOl8VT8eTnxvnc8rd7GdLI4QnNTAewJS0GGg8ufZLECx5eehu5Nw76se_ajEsJcWCgqHkcRp8awiS08rfy4jWC5ZDSy0NjI&cid=CAQSMgAvHhf_vSJhG1Av1h5bJ9K8ff264XtKtpAqINbdWY0iwq4_sEUgyCdVNr8MXx-sJw7hGAE&pr=13%3AZZ72EgAAAABtzluAS51XtfMixyBV4VPTaeed5g&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.173.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wi-in-f154.1e100.net
Software
cafe /
Resource Hash
f524881f9f7a3b33e83fc0db0e23c43c2aeef52b3d642846d77c00e1aa80ae7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18240
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 197B 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame E758 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGOvJgBIWauxKOAZ6WxplmOnptz9Vf7_msj3erPuHveZllOB4sfUrXOPc9TxWUQZ-yCV_cZuynD9jNs6XPgRjDoUpmFXRz2bGEJy6yzxkYNFaQRnWCx8lAKhXw07FfQdTdpBgxgpH7e2wncGU4mhlsmQqkFYkDnLZSjFtbVgn8Xf70mSZlkGOVMLdyGN0ZnzBi9nTiXRInQyZEIYbc9UyVxv4q4rzUCPyWsVrPc_u8RXDG_fdpHrMyynjoXIEkbv1Vxw_noxtj6fqDHJM2TwzT1b5hWpgvm5mAWSfwMoRJ46QQmIWvOiBC3lPzDjn7jTtCBEky62uge3N2ILEEKIgwo72-cKWC1BdFYl0jv_hRzYHzkmhoW2fiNseyee4GwldTAxnF8rKqDjGb-XtE&sai=AMfl-YRBRhGjr2umTM6Liys23-w2pbDcYQATNLs4mdowiWIFhbLDeONgVWzR3Fnmtytc8j4pepfBJc8dhghEHPmg5ZuhJn2qI1f5v0E7nzMD0wW_kL-kj9ehW0Xl7BA3eg&sig=Cg0ArKJSzFmnMFTxvCB5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E758 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:54:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		116 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90|970x90|970x250&ifi=13&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D6b1d51725ff6a40d%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g&gpic=UID%3D00000d3f405cc44b%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w&abxe=1&dt=1704916499936&lmt=1704916499&adxs=800&adys=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x-1&msz=0x-1&fws=516&ohw=1600&psts=AOrYGslbNvKj9dOU1pTYfL-V6hQrdq45bDKptthRgzg25Tu2MJSfXKzVeLqYWkkK_i63d4Ukzg1YY53V6N84cmBrKCO3jJZXIzhqS7c%2CAOrYGsmIcwqKek103qUTerVrIam5PvCLhtHsM8pK7fezoEkhmyigXB9roFTgELBWQeK8DkdFMW6VM-ebxW_qQXLilB2d4YwiXFg1RAE%2CAOrYGskuG2jC4Tn2TCQVeYdnaBdVmX6s4dXoC9W6Y6Z1KKJJMQcZYVwLATCCrn488-MaA1tCdH1H86mXDlZbR5ugiN-5oiyPCYaPQKM&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDJmZjlkNWVjOGM1NDUwMWY5ZWI1ZGU2NjIzNzQxODVjYTAyY2Y1NDBlNGFmNDg4ODNjMDdiODM4MDM5NmFjNDcYpevEp88xSAASHQoOZXNwLmNyaXRlby5jb20YnfjEp88xSABSAghk&dlt=1704916492435&idt=3513&prev_scp=amznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26cmp_allow_personal%3Dtrue%26cmp_determined_ms%3D8000-8999%26cmp_gdpr_cached%3Dfalse%26cmp_jurisdiction%3Dnone%26cmp_load_finish_ms%3D8000-8999%26first_zone_ms%3D8000-8999%26fuse_category%3Dtrack%2C41AL59%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26fuse_industry%3DIAB19%26fuse_loaded_ms%3D5000-5999%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_publication_id%3D14%26fuse_site%3Dgrabify.link%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26gpt_auction_start_ms%3D9000-9999%26gpt_ready_ms%3D6000-6999%26hb_auction_start_ms%3D8000-8999%26in2w_key%3D7%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%2C1%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx928%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D928%26in2w_key8%3D6%2C7%26in2w_key9001%3D6%26in2w_keypm%3Dfuse-slot-22851126297-1%26inskin_yes%3Dtrue%26prebid_ready_ms%3D7000-7999%26testmode%3Dfalse%26uam_ready_ms%3D6000-6999%26zone_count_above_vp%3D4&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D7000-7999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D8000-8999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26zone_count_above_vp%3D4%26GPT_AUCTION_START_MS%3D9000-9999%26CMP_LOAD_FINISH_MS%3D8000-8999%26FIRST_ZONE_MS%3D8000-8999%26HB_AUCTION_START_MS%3D8000-8999&adks=1905034420&frm=20
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
628c8d3cb1313c8e1ddd8a1b30d8e4bdefd280fd47103344e7c03edf5ea0bb4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47768
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D89E 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
38489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 11 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D5C2 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5d1ddf07b366f0a15eee8163a798d36603a5b39726a3835033aae9502c30afb

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4840 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4wJY2-exkwDw_SaeVGTQeHIrtMSmsCMO7guCMaj1m2P74bdT_JOGO6HALE9hHinpBQVHZr32HZVLNfMBrHHsmzTyfUdLvsS2YLmquxzTdn8Eib3KIIMswhHu0DKCRPz5XVfEVjF2c6YDejt_4EH23mgqU6ZRQptGFKzvhLA0bDYVQRUk&cry=1&dbm_d=AKAmf-Bn1wyewC9brpw9yvjGpsMp-5WmllmcT6nrJVF-KjBbkapRyk0rx9zyRZpYyyGQ-uyEE8IWMOjgF6KGM4HxzIaQtF5VTDBdvajEIiMkxO8psPKMtggOZBI_DXVZhTolHyBoneiKiegoDn501pF9Nc7ch5LsbPUpAAx4jyX4ZAHgxIrLZj3x_d8bi935i-vm_hji-EWnMwcirhjS4IT6CsXH7Lf4NWwl5xXKMyrCtANlMhC0bjGFOcBeW2MriVd_kazZPNnuGTyLerJPLPtkuQFXYabBe8TVjLX9CFj_3Dt1dNyDdq-heij1DyDQHk88bU7g-lLvVs5LduNQzkzhBuqKl7PQMAM0An_g-nGwFIPvC6h_XbvZl930rF0T5mPfMfiaVQQptEXJTgxm059aKPk9pCPZ47ChRDNDb52e9eUWzIdS4sqWgZ0BApmULDATMTgm8R2LvbShxZ_I4oERygblLCSA0zdPLJcdLXasgsggG0Q1efEsdz5hzS02hzh2mYTfErkxHbF2STwtDqWAQGF-hNVcWqRXBA8gE4MKbEJA6K2daoUY79LsK4i5zTeehQszDSNhMf62kx5K6wiNooS50FCTK4qBS5X2pRcvw5zXEwmhboyHEJNT2rEV-lxJizE6wLyG1hgyiKUWwLEOx7wfWFiPn3cTMFi2I4gtrvgY-yU1wE3OAyZ8eP-KVrdFmOPNVd4H6zWDLg6Xa8yTrQKt68RHiIJ5ndINFrtvpu39awunq2jS8RnwECRr9EggtgSDHHPJrjY2F4Kc9hsM1dJQBS6YKBXaVCCA0BrXwH4RrhILCY6ZrhrqusbTrOCV3GtNBx-cFttAwZ3lTX74bFaLbIbUy9HZxWvgMrDc5fQZmGWMnvQ78kHmuOZBr2mN_8YhjzTCNLivjAHl3KRO8AWiqG2cOP2DkImSnX50wWRf-Jx2JBd3W4SEi8a5ZRH57CKVRlAZTRp6GNMO3XJlMLLsljdis0GLNFm9azJxr0LePvX484lpif42vjaFNH_ZrOjzIrmzL6emMfYlJHHKU7x0Y-ReNMdyzY99HdVHKZMvlnNzJbY56ByKsjRu0PA3jyLLiBTXlmqqQLMP92Czhf8l9GeOe_ZWMNQZkxo-CJv082NBHRtVclsjyzPULMHWs1tvXlvKvWppehBqZxibprtfz_T9MXpanmaai9dVJu8D7N3jKH_dY5JFLaxxZc2EhLp_RhlxyV1fOAGV7So7VIloIPNs2keYoH5-WXCjS7ZNihzOL_8Nibkl7tCbfgswF2FmuEm8lnV5gNabk7OQfBzPpItBirLVDZ1xoMf-y4VcyYrTq7rYo7TmPavROGwEBWbz2ZgDqlQlzurGtmMws3JnwiC9zoy0w_yg-4GaOODz5K2Fz05qbqOqVZDcKnegjI0eQ77bLrCIAYeLLZYxAieTkQ-HgObDHnMHUxtxIUlona9DMH8cqtth0h_Sq7Vlcd2HTpJ_bqTXMeZx2w_cU4O9qjPj1ImQWkvNKFiHHuDz6AoXDW7sYOU5YgTDv24AA09WLJpSY84dwr-MqlXQDlXDz3hHjJRLCoy-qmaSCiCc6-7uKKCnI9n14S9KivjpDTC836n3KlsgJ94ojxR3VwyFKrTCTKnOjzLY-yvqxd4vHNYeVSmHfPmIw2yGjGTONy_7iAEuDVm1jmHf8nH9OXBYRYAz0kdj241aHN5aiEcX1rpaqq3mPL9X6UHdLQyDy7_v1qOLKTK-5vxL1TbOdvbIGx0zYQHZJGVIKCCBbeHDjlOzry7NmMLzht6yLcxrWPgppLs8Abn4rUcP2D99c8_7VZGv0Ns0DtKism7fTIil-IuhxKTWQMXQ9WD3iD8winlDmA5T1bJobRyOrl3mF2qIJ7hWdZ18H2qr5V5lKWNQ_YVlwC3-sB_weZMSdDPXgygDRRfMTlxghdg-U2GXHMOF4JAJqfph3TxOlwJGNvFBT_RQHqh3gCA19zFPRNXyf35pJTJ_A7z2ox6OuBcTOiOx0vdSYLuftMWgYIA0qtkDSxSyrR0Yu_hygpIAHSaaJ-cMF6moXE8_zi1CaQG7lGncWyvGRNdwldLHE065jQbX0lnGJoyWYRVua0tTAATk6wES812wkb_mTG-j155-ycCsKJDW552nMn96M6ukco8D3Y9NCWc9gwS72UMcyaAHRMaImKtLUCN09eSQrZQ-J70LwnD-K2Fi6dla5ot17DGcVaecDK3f6KQUAPmdyOxGkNx7MyzpXniyWDYJFa5T2MFoc9ZfUs1vKl8Nu6hqeOoSGUaHKjzTI4MA6x6zQcvx2KvYxSemrg_FVUuN25tbPLjNOxMvR2KnN49xaqRCh_Iedu-GwDl0Up9h9OShqLA418xyE5C3l_IUhLl0XmKCFnSiL_WJbyvfM0O9PhNKA0PgA3wGQ-KHt9OGnezdsBIWNgJywida9dVieKOH0Vq8yZ0pikIFbf0TdREZRLk52EZcnKRV6SDsZIcIp1mJ3Sx58j9WW1T7JDf1FNthLAfqGnSRygAgTcE9qqHUGvnscF73kuF_VIsI8X2Xzxdo3bPiOWjFN2AcZBrlZyo8f_nRm8T1bUvPbYMIwm4Knfv1hqGE-3teiKeLVhzpVKNskNLcwb0yCsmS2l9mjhNWoE8R9qXsqufFqvceeZ5pOfNmdnlY-aULc1MJtt4bglRGh5DbYYXEpeqGoLp6447MNGIqblwcZTcXi3sa08DVlZc3ScAKhnQYooY2rvjA31EV1JZXy0gc0JJxacwddsr-yMAFekFA3unJC0Aj1kqNLzfCZNavEhe6EkAezsAMjYRoEyCVvQ76CgdZmOvlKPXglCTnSYfxee86Mwq6m0jyaU2wIo-A3arKMGVGP2fEttDX2MAM_q4sY-LAA8JPnj4lSNETAiK5R7ZJSn6pOtTu2EZnPsXR5JO90gPGXLF-wfH8I5ysR4iTrJ4P6vSL8vZySke0MhiuzZanBnUmETcQjHBR7FXjyN4FRRKBZgduN1eXOfkis7UeADM_u2FFswNz89VyGE3_5FqCQqJ4HkwfVVxMsg0XGj6NxPTxaBY2eaJFO6ul2cuxkZrWxzsDvvG4NX0CYa-DAb6St86_-qH-j_AdCQv1TFvilTiTNWmi22roaJDz6w1ZdFtB6cekSjDctaiAvNApurQpP4VqAAoU0Cnd8W7VOwXPogY&cid=CAQSOwAvHhf_mdRDRegYqaydrdb0GSx-h5ZkjLFAPQ_6Yu6a82uAcPdr03XP8UhBtxJu-mA1aFaUyX63X2PmGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgrabify.link%2F&ds=l&xdt=1&iif=1&cor=9137077900017383000&adk=1033480540&idt=129&cac=0&dtd=84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
108343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
pixel
cm.g.doubleclick.net/ Frame D89E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENl2-9c1Pc-qp7FQUzH6GdA&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENl2-9c1Pc-qp7FQUzH6GdA&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d2toaUljRzgxUm5FRmU1&google_gid=CAESENl2-9c1Pc-qp7FQUzH6GdA&google_cver=1&google_push=AXcoOmTqbHW9Br-jGL-Obzg2UG4qScVeQQCvUET8C-LGaqM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d2toaUljRzgxUm5FRmU1&google_gid=CAESENl2-9c1Pc-qp7FQUzH6GdA&google_cver=1&google_push=AXcoOmTqbHW9Br-jGL-Obzg2UG4qScVeQQCvUET8C-LGaqMba0hVLdV-yb5tblnEwZ7YjT-Xo8CNVzj0mhU0EnLIr70hHh9WhhoUnw
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:54:59 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d2toaUljRzgxUm5FRmU1&google_gid=CAESENl2-9c1Pc-qp7FQUzH6GdA&google_cver=1&google_push=AXcoOmTqbHW9Br-jGL-Obzg2UG4qScVeQQCvUET8C-LGaqMba0hVLdV-yb5tblnEwZ7YjT-Xo8CNVzj0mhU0EnLIr70hHh9WhhoUnw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D89E 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEMLdvuwIRdV_UTRkeLQKNY&google_cver=1&google_push=AXcoOmQMwNaYD4EVu__jLFeG5CV1wV7HoLcqE3fYhlPMjWB7YnZVAAeUR6DWpVOyTK4QzjY8VFN1TX11_QYVcReamfaUEc2smHQk
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame D89E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEZCpBWryBBafwLzKWwS9yA&google_cver=1&google_push=AXcoOmRxRGgdnc6mnn6twulCbC10oNdYupTg9ujdL8UAaJH8tWnV532ld8KIce-oEz9c4xESOtX1OQALsFxTqQk...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=R1ZeHZY8R9liBy47F1jT9w&google_push=AXcoOmRxRGgdnc6mnn6twulCbC10oNdYupTg9ujdL8UAaJH8tWnV532ld8KIce-oEz9c4xESOtX1OQALsFxTqQkgFbx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=R1ZeHZY8R9liBy47F1jT9w&google_push=AXcoOmRxRGgdnc6mnn6twulCbC10oNdYupTg9ujdL8UAaJH8tWnV532ld8KIce-oEz9c4xESOtX1OQALsFxTqQkgFbx0Fe1P3H3r
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=R1ZeHZY8R9liBy47F1jT9w&google_push=AXcoOmRxRGgdnc6mnn6twulCbC10oNdYupTg9ujdL8UAaJH8tWnV532ld8KIce-oEz9c4xESOtX1OQALsFxTqQkgFbx0Fe1P3H3r
Date
Wed, 10 Jan 2024 19:55:00 GMT
Connection
keep-alive
Content-Length
237
Content-Type
text/html; charset=utf-8
pub
cs.chocolateplatform.com/ Frame D89E 		0
0
pixel
cm.g.doubleclick.net/ Frame D89E
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEFTZJ6d7d51vFPH6QmuyLvY&google_cver=1&google_push=AXcoOmT1evapXSicu6-dWL46pi8cREf2jg0Z0-cNegzDKm7zpZmWgDx2BP5Tyt-e8_mgMAi0SKBsAOvdzb4Sla2gQa6hb...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT1evapXSicu6-dWL46pi8cREf2jg0Z0-cNegzDKm7zpZmWgDx2BP5Tyt-e8_mgMAi0SKBsAOvdzb4Sla2gQa6hbEL5m0I4IQ&google_hm=acc8ce73d32b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT1evapXSicu6-dWL46pi8cREf2jg0Z0-cNegzDKm7zpZmWgDx2BP5Tyt-e8_mgMAi0SKBsAOvdzb4Sla2gQa6hbEL5m0I4IQ&google_hm=acc8ce73d32b85952sopae00lr879hu9
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 19:55:00 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT1evapXSicu6-dWL46pi8cREf2jg0Z0-cNegzDKm7zpZmWgDx2BP5Tyt-e8_mgMAi0SKBsAOvdzb4Sla2gQa6hbEL5m0I4IQ&google_hm=acc8ce73d32b85952sopae00lr879hu9
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame D89E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTYyRdDAWtr-...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTYyRdDAWtr-5eXAa2F5yBVvoV6bg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTYyRdDAWtr-5eXAa2F5yBVvoV6bgeyWw1OYDAAKM1jr3M3l8IXTiejf7sfsTJ9IE72CKQuERqMLCfA4d7uKQ9DY0H-DPrg0ts
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
an-x-request-uuid
053362d8-1255-451d-9a4b-5eab327a1de5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTYyRdDAWtr-5eXAa2F5yBVvoV6bgeyWw1OYDAAKM1jr3M3l8IXTiejf7sfsTJ9IE72CKQuERqMLCfA4d7uKQ9DY0H-DPrg0ts
x-proxy-origin
83.173.209.251; 83.173.209.251; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D89E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJCrdcGIt...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d07a02e7-9f11-4152-8204-dc68e15622a5&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d07a02e7-9f11-4152-8204-dc68e15622a5&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d07a02e7-9f11-4152-8204-dc68e15622a5&%%GOOGLE_PUSH_PAIR%%
date
Wed, 10 Jan 2024 19:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D89E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjQPm0j4fC08gMKQ0dsMceDyUyu0BMw3nacH2FKIOAEFs-hunhkZy-So1QXF2xQM4teWFtDghP
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame D5C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4dLTEvaeZfmNG5PU1PIP1u2L6AeeoaGuXKH56P6fA8CNtwEQASAAYPXVxoHMBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEF4AIAqAMBqgT5AU_QljP2wQT-hfbIuWw3onm_z8OECfrjxXD5Plm9rLRGEYXIAJwJZTwl5P7nzMKzh8h66smzSvEjpCEqBw7mmYizOCdQWc5A6MmktWKFVTYUCxGV2qk_tDTuTqZgGsTHqPGkWJxv8FdmlImXmz0L87b8wVrBRPNuMIKUG6w6SKI7PrbTqjJEy6uTKM0RA-diDmnDc66Eqm66fexi5oDakMf3sRRumdHNEWuyNX4kH-SqbYBtuWPA9SleNt3XOuIxvIu0bnz40HiZlR3hLVxxb8x5P2bmNZ2G4CJ2UxSRcFSz2KL0xrhruoYdrfvRAmgjzPKxfC19GNHV7OAEAYAGg8Hfkdnl7-nRAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS3ojyzNODA_IIG2FkeC1zdWJzeW4tNTk0MTY1NTEzOTkyODU4NIAKA_oLAggBgAwB4g0TCOGeifLM04MDFRMqVQgd1vYCfdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=PeYTVn6CwZA&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_UbCZAdtguJrBrnyAIfNMlb0CukwV5ITNyo_Oqw-1-9eWzw4U-kLwcYexYKavqvcL9UjmLJRsGAE&vt=10&cbvp=2&vis=1
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame CA98 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
106461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E758 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEneAHzYIf18yJFcw5uUfaHQXClgTxI2jW0Kdwhs2lN8snJeBUW8PWpTQ3zTyf0d9iqEuGdh2nFKUjd81-OTY2TwLbIsKK6l3BTUOl-bdlPdy4OQb9PuNPGO670F_FTVURXZPz9kRtcF9TEnf47pjo3DSjqt0r2LZo67xKt1moHVaGrJZSE6JvwnHTwSYMKSYggiruYLh3IIg_vbK-_1R1p9wRG-TJ5C7YV3w663aHchDomkDTCuA8yhqZVJ97xFtGjSp86nmD90e8zJnshE7U-3oVSoSXq97dvbwtwz1Kxaqm2rugQBJls8mjnU_8DPdDLUj5qalo2NdJ5t20ulp7mIFKU_UOlErD1KM7hLI-1KoH6fo3Q-PI8SbKusK2xzJh6IF6AIH_GO8_MPon3D8&sai=AMfl-YTecNTXKdhMCF6_8OOC0l9bCzxoH0JSuf1-EODiws7ACH8KaFCB0ud8wg0hdeVGZTLLmUuIS25krnXZLLXUYP8yqewtMBfzqZXJVWOAjDEHVqnbkh5cp1MW7vT7bQ&sig=Cg0ArKJSzIwcae2QQQHMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 19:55:00 GMT
passback_300x250.js
static.adsafeprotected.com/ Frame 4840
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1525570/72171815/xbbe/creative/adj?p=APEucNUppgYGcrjksNsWH1PmNUnO_RFmLxZexljVxae1g9KEsjW8MAs&d=CokBAKAmf-DmetImTTZMfMqU-SThJcDKuncq5uMMKXX1eSc181sPh8nBf3NqfFW...
  • https://static.adsafeprotected.com/passback_300x250.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_300x250.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
18.173.187.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 02:40:36 GMT
x-amz-version-id
vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding
gzip
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
494065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:42 GMT
server
AmazonS3
etag
W/"44f0ac540dc9c11f94344414c879b658"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
e9cCUV4Jbe7Wqw8RT19GCXpVP1ftlb8jGXC5bTcq-hK9Cxa3E6PS6A==

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
nginx
x-server-name
app12.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 168A 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
14339490
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
bQYfOVXQv8d2N8e674lHkju8Xqz0zMXJVOfNpTwxpY0w6DpVe00jpw==
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VIGix,pingTime:-3,time:99,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:39%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B90~0%5D,as:%5B90~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:40%7D&br=c
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VIGiz,pingTime:-6,time:101,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:101,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B91~0%5D,as:%5B91~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:40%7D&tpiLookup=ao:grabify.link*&br=c
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame D5C2 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lr879int&c=3695354099960&slotId=1847677049980&qqid=CPnei_LM04MDFRMqVQgd1vYCfQ&fb=outstream-lima&vast_v=3.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame D5C2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:02:22 GMT
file.mp4
r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D5C2
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
HTTP/1.1
Server
74.125.108.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s17-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 19:55:01 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4322612
Last-Modified
Mon, 16 Oct 2023 12:44:01 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 10 Jan 2024 19:55:01 GMT

Redirect headers

date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
location
https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D5C2 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lr879ivz&c=3695354099960&slotId=1847677049980&qqid=CPnei_LM04MDFRMqVQgd1vYCfQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2095&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1g5~videopreviewvisible.1gb&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VIGj9,pingTime:-2,time:137,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:537,beZ:539,mfA:543,cmA:545,inA:546,inZ:551,prA:552,prZ:570,si:577,poA:579,poZ:612,cmZ:612,mfZ:612,loA:638,loZ:642,ltA:674,ltZ:674%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:39%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:137,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B127~0%5D,as:%5B127~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:40,sinceFw:94,readyFired:false%7D&br=c
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 452A 		0
0
container.html
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7556 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:57 GMT
expires
Thu, 09 Jan 2025 19:54:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame CA98 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 3C57 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
126428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 08:47:52 GMT
expires
Wed, 08 Jan 2025 08:47:52 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VIGk1,time:191,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:191,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B181~0%5D,as:%5B181~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:40%7D&br=c
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7EF6 		499 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhis2oTdATAB&v=APEucNVrTDM9fCBZeslxIjjQQU24ngdAQAYakr_oyQXCVwxhZkqf4eVYH0HNUPd-5SlUEjDt6K3k9gREjnH8Qcwk-fJWET09usZnoiBZBWxV-Q_WprMiLaA
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:55:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 7556 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:48:40 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 7556 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:04:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
85860
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 20:04:00 GMT
view
ad.doubleclick.net/pcs/ Frame 7556 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvpTckco_WKePBVY6ziC7pxUWkpw8zVqdyAfdZP_7k5Fv8McY-HsYa7kx95NUCeehTDcXT9ORDzVXbdwb1rA2-4NI1Z5QW5L854u5m8Gv-t8YqVUNrenMv_Q9T148Y5MUN7UbFtFEyiT03HFPJpiVS6xXBIR-uVa4zkjdHOJRj2-M3ivkvSa-nIbcFs_DfNu-TLNCDGvpO96JtXLeWcdVgKDbpu0PI_iScN7-5mF2CME1J2jG0M1dQt9a9XqoLt0fJ2ygdevg6zD3ss3q8_E-8vZAvOFhrkiOcV-QnRzbU4D14WKEYI7B_eM0Vl2UYRIUXneHs2I_HbxvtyxE0fNRoGtUxIiLbIyBZbVj-0ROSk3wKgb80Sj5Sgipv53qIwjjslENgwWGev96_EMhrlAu9A4quDdsWm-PTvBmzJcs866ijBTgYVWWxNcIE2jlkheSjst_8DoYKQJ29BifWMuByQxMLr6Dmkm4ChCMhlYn_hhqvD-AmBXo2fFGWWIK6iSL1XsysfoKcQF2SNKSxkSzcGdePmjCVcBMm8fvxBsT7vdduC5JlN8AdTILj9gB8tPY2Yg9hV56A7Gvn_w_aIwtb8heTld32i4ViDycafYNXsDCn_PDeBottdAnh8Qbca9fZQzl_KEjNxFSySxD3p7EPFvr3Ym_NW0vgZ3V9123bQmcjKYxEgWObRsB7m_yCx0VsTAIj9zeKHlDahBONaLN09YjxdMy-yKsXMRmbsm8GDbJrjJYRypfgCmNCAY6UQsFouUr3FKk24RJ3peqZss2dhWV8YLhkz6jjjSBHQJUXxiuavDWVDuUmMz1_8VAGwGgTmIfJiI7COmiLdKvOgNmYiokEmSnihAzCXq7HCpbbnPkv_MfB5yOl9pPQI_ZHP82MUvWt8GKlU5KDqCLz-lEr_VPj6CmMY-lpA2HWseqcw4xI35mwEAwbbW6hdQ2d6RteGmWw-Fx_YDNiXY4z4d2dSjA5l6zZVnvTpwMbFPaN16pf4rwPX9ZanS9tVAiNOjlDzETXgvglcT3rUuen1lJNKQ8eeVRWEH2YUw_-yU0JGsPohUElx3zdfyn9GAKZ1uWVO4nOe5KmciQIwFAolXaIQDz6vyI37ejyEMNRT-uOeCHGimD7ACWuy4GrWP3VvXRwHXRgvSAIV_Kg8pdZbwgiIzrwfV8bnRxdMiNFSZa2NfN5o1Cq_iqzr5zCRMqjGFtA6U6mUeLTxN4W6EL73yxe8wfCj2o3iQTXPtBQ8JkfcjgIMS-lLxPsqSWlZYsgJ6gf5__t_asycTHZfSRjvD3xi-fnCKSq4pHsnDJgK6GZmh7B30vmn1n5Tk_9tLmwiiZIonQczLZwDDWxDIV7XKbHEpuLL0OQFfXcNkX1dPEhcEvTIwIBn2bLYrG9BDQFn2U2c5yZ50C15PwQogp37ynTPs2BchDvr7NkL7rHRtSY17uCxJcfJBbl18se9OOenp3aAMnz23zfCY_SQ2IAME5LwE4d0rVxqGQ&sai=AMfl-YR4bM88Hs8xeGLhVZQBrWSb6COENDuTPWWl6OpBKLU5UmbhLhDWliAyqcY9AfEnrQ7d_n0QmrNjDjsk3X4Ix0utkqS0KqV-TBCQNUMRcMkF4dKGpQq1xdZxZTVZVupdYXQieUwhfai8YoYz00t1q4F2AcURyvaiDE1pO6uYLchA5duvjJrbKkQngqomnBd2vDyjiuIcWBGLjsa-dme9BNVNvq0TFO07eOhVXpZ-8jfAAn8D-smEhSPUKj_zvx1ZqkQOHVZa7Xiv4JsciLTZM0dFv3FM2buZwswjJ9Xww3y_ois5WhC4gaNExz4WrKHPsijwN2jOcx0WO15SFh9OC__0i6RrnAbWup4ftv6SDawROKRDzTnuhidO9jRwK5Z4Zspt1x6jFZC9z9NFGoReaW_w6UkoxnbaxiL2x-s&sig=Cg0ArKJSzE65Vu9DVVAlEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hbWVyaWNhbmV4cHJlc3MuY2g&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240108.61328&arae=0&ftch=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7556 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
108344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 7556 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
31364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:12:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 09B9 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
38490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 11 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 7556 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
38836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:07:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7556 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSyJzpKFDqDCkMdx5g2IvR2jQi_CtCV6yx1fRVAEw3bF4QyEujNfaUYtmQeaFTI0WHlSHtYKo_qOxMzp5nwDwM76Y5ylyCrctGMG27azprYJf-vjI
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 7556 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0wj-VyT0LcAUufxdHQOEDxjbuRNkSt6C6KefNzKteoXMjIV0oE9Ojt730fTjbvhAkP5GSXL2XXnt2rAsQn3XoxkGNbw
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7556 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:55:00 GMT
8985428452271719518
s0.2mdn.net/simgad/ Frame 7556 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8985428452271719518
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
c67818aa139491b43700b145cabf6a154b1c2117e55a72370968a95fdfeb5b61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 04 Jan 2025 20:55:13 GMT
date
Fri, 05 Jan 2024 20:55:13 GMT
x-content-type-options
nosniff
age
428387
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20503
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 12:54:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ai.aspx
m.exactag.com/ Frame 7556 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=8&extPu=swisscard-dcm&extLi=29122250&extPm=355818576&gdpr=0&gdpr_consent=&rnd=3222636820
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 19:55:00 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 10 Jan 2024 07:55:00 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1938
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
pagead2.googlesyndication.com/bg/ Frame 3C57 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
126418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19690
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:48:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9C37 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 19:55:00 GMT
view
ad.doubleclick.net/pcs/ Frame 7556 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvpTckco_WKePBVY6ziC7pxUWkpw8zVqdyAfdZP_7k5Fv8McY-HsYa7kx95NUCeehTDcXT9ORDzVXbdwb1rA2-4NI1Z5QW5L854u5m8Gv-t8YqVUNrenMv_Q9T148Y5MUN7UbFtFEyiT03HFPJpiVS6xXBIR-uVa4zkjdHOJRj2-M3ivkvSa-nIbcFs_DfNu-TLNCDGvpO96JtXLeWcdVgKDbpu0PI_iScN7-5mF2CME1J2jG0M1dQt9a9XqoLt0fJ2ygdevg6zD3ss3q8_E-8vZAvOFhrkiOcV-QnRzbU4D14WKEYI7B_eM0Vl2UYRIUXneHs2I_HbxvtyxE0fNRoGtUxIiLbIyBZbVj-0ROSk3wKgb80Sj5Sgipv53qIwjjslENgwWGev96_EMhrlAu9A4quDdsWm-PTvBmzJcs866ijBTgYVWWxNcIE2jlkheSjst_8DoYKQJ29BifWMuByQxMLr6Dmkm4ChCMhlYn_hhqvD-AmBXo2fFGWWIK6iSL1XsysfoKcQF2SNKSxkSzcGdePmjCVcBMm8fvxBsT7vdduC5JlN8AdTILj9gB8tPY2Yg9hV56A7Gvn_w_aIwtb8heTld32i4ViDycafYNXsDCn_PDeBottdAnh8Qbca9fZQzl_KEjNxFSySxD3p7EPFvr3Ym_NW0vgZ3V9123bQmcjKYxEgWObRsB7m_yCx0VsTAIj9zeKHlDahBONaLN09YjxdMy-yKsXMRmbsm8GDbJrjJYRypfgCmNCAY6UQsFouUr3FKk24RJ3peqZss2dhWV8YLhkz6jjjSBHQJUXxiuavDWVDuUmMz1_8VAGwGgTmIfJiI7COmiLdKvOgNmYiokEmSnihAzCXq7HCpbbnPkv_MfB5yOl9pPQI_ZHP82MUvWt8GKlU5KDqCLz-lEr_VPj6CmMY-lpA2HWseqcw4xI35mwEAwbbW6hdQ2d6RteGmWw-Fx_YDNiXY4z4d2dSjA5l6zZVnvTpwMbFPaN16pf4rwPX9ZanS9tVAiNOjlDzETXgvglcT3rUuen1lJNKQ8eeVRWEH2YUw_-yU0JGsPohUElx3zdfyn9GAKZ1uWVO4nOe5KmciQIwFAolXaIQDz6vyI37ejyEMNRT-uOeCHGimD7ACWuy4GrWP3VvXRwHXRgvSAIV_Kg8pdZbwgiIzrwfV8bnRxdMiNFSZa2NfN5o1Cq_iqzr5zCRMqjGFtA6U6mUeLTxN4W6EL73yxe8wfCj2o3iQTXPtBQ8JkfcjgIMS-lLxPsqSWlZYsgJ6gf5__t_asycTHZfSRjvD3xi-fnCKSq4pHsnDJgK6GZmh7B30vmn1n5Tk_9tLmwiiZIonQczLZwDDWxDIV7XKbHEpuLL0OQFfXcNkX1dPEhcEvTIwIBn2bLYrG9BDQFn2U2c5yZ50C15PwQogp37ynTPs2BchDvr7NkL7rHRtSY17uCxJcfJBbl18se9OOenp3aAMnz23zfCY_SQ2IAME5LwE4d0rVxqGQ&sai=AMfl-YR4bM88Hs8xeGLhVZQBrWSb6COENDuTPWWl6OpBKLU5UmbhLhDWliAyqcY9AfEnrQ7d_n0QmrNjDjsk3X4Ix0utkqS0KqV-TBCQNUMRcMkF4dKGpQq1xdZxZTVZVupdYXQieUwhfai8YoYz00t1q4F2AcURyvaiDE1pO6uYLchA5duvjJrbKkQngqomnBd2vDyjiuIcWBGLjsa-dme9BNVNvq0TFO07eOhVXpZ-8jfAAn8D-smEhSPUKj_zvx1ZqkQOHVZa7Xiv4JsciLTZM0dFv3FM2buZwswjJ9Xww3y_ois5WhC4gaNExz4WrKHPsijwN2jOcx0WO15SFh9OC__0i6RrnAbWup4ftv6SDawROKRDzTnuhidO9jRwK5Z4Zspt1x6jFZC9z9NFGoReaW_w6UkoxnbaxiL2x-s&sig=Cg0ArKJSzE65Vu9DVVAlEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hbWVyaWNhbmV4cHJlc3MuY2g&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=59&vt=11&dtpt=58&dett=2&cstd=0&cisv=r20240108.61328&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 89B8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
106461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7556 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd748f56bf11ef77334d8b052e0cba9516a857e01cafc58d723348ffd0040f5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 09B9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1&google_push=AXcoOmSOD9CoKW3BCrlk_eNK8tHx0YP40FLHeF3kiSwJuv4yln9R2FhDmWPhfgSmUY0-dtD3eCfeSHf3NMXPsstglaCyAh8_xaVb
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4NzMxMTk1MjI5MTIxNTk2NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 09B9
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOXhLUZE4tudVj7wBD4rjjI&google_cver=1&google_push=AXcoOmRD9Sa2Hy0urW3hg8sEe3-XxzEkOX2LY25Eq0dPJEG8olC7NcTm7Edf8ztW1vqRfE8fWAXnRKL0uLJ94y0X...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_JkizGhUTZk3nS38ZXLU9A&google_push=AXcoOmRD9Sa2Hy0urW3hg8sEe3-XxzEkOX2LY25Eq0dPJEG8olC7NcTm7Edf8ztW1vqRfE8fWAXnRKL0uLJ94y0X-FbOxv36ZzoT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_JkizGhUTZk3nS38ZXLU9A&google_push=AXcoOmRD9Sa2Hy0urW3hg8sEe3-XxzEkOX2LY25Eq0dPJEG8olC7NcTm7Edf8ztW1vqRfE8fWAXnRKL0uLJ94y0X-FbOxv36ZzoT
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 19:55:00 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_JkizGhUTZk3nS38ZXLU9A&google_push=AXcoOmRD9Sa2Hy0urW3hg8sEe3-XxzEkOX2LY25Eq0dPJEG8olC7NcTm7Edf8ztW1vqRfE8fWAXnRKL0uLJ94y0X-FbOxv36ZzoT
x-host
tde-deliveryengine-production-5db7bf8975-s7552
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 09B9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQpokZyfPWQdYEBi13nqNjIwlC2u8wqwINB56XuLnb7JcGjs4hK-Cru4vqT5noKA9JQJ10I2JD5YPLI1npsYPPdpSHJQ1nl
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQpokZyfPWQdYEBi13nqNjIwlC2u8wqwINB56XuLnb7JcGjs4hK-Cru4vqT5noKA9JQJ10I2JD5YPLI1npsYPPdpSHJQ1nl
date
Wed, 10 Jan 2024 19:54:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 09B9
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOPqNqt1Lnkt7vjRrJwVOmk&google_cver=1&google_push=AXcoOmR15yoD2y7kLFKa0z8yASz0wqdeMzzclYst33D22sSSLqSLTmRZ4SVwrhpMke1MfMbnb-bSw007FDrqx5Ek...
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=cea8a33fc4&gdpr=0&gdpr_consent=
0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=cea8a33fc4&gdpr=0&gdpr_consent=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27652

Redirect headers

date
Wed, 10 Jan 2024 19:55:00 GMT
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=cea8a33fc4&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
MaOaNYhV4dZ3ep6QpqC0IdetqDtflgJoMJXqQa0mNHQHxyQC5OopNQ==
pixel
cm.g.doubleclick.net/ Frame 09B9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIZ6fyuXZEof6NF-N5WtcUA&google_cver=1&google_push=AXcoOmTBcL16n0osCV77oT_GuXaVTmwGFs4wik91zL8EtZpNtTeLf8BtBvJX9Uf7XZQFb8UjGkdD1oo2WHJN...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTBcL16n0osCV77oT_GuXaVTmwGFs4wik91zL8EtZpNtTeLf8BtBvJX9Uf7XZQFb8UjGkdD1oo2WHJNhugFqfIot5udFziT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTBcL16n0osCV77oT_GuXaVTmwGFs4wik91zL8EtZpNtTeLf8BtBvJX9Uf7XZQFb8UjGkdD1oo2WHJNhugFqfIot5udFziT
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTBcL16n0osCV77oT_GuXaVTmwGFs4wik91zL8EtZpNtTeLf8BtBvJX9Uf7XZQFb8UjGkdD1oo2WHJNhugFqfIot5udFziT
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 09B9
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEF1xQu-CVi7x2wQWKSstaHU&google_cver=1&google_push=AXcoOmR80eFfkbtLLW-PkOha8SOXIjUsnrrTkJW6qPLjtX1kcZMpxO_BfuwtGSfgQR1r4_6CsSpChpu_WnlTtdWa7tu745m...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MTk1NjNlYjg0MmIzNDU0NThiMjNiMjYwZTJhYjRmZmM%3D&UIDF=CAESEF1xQu-CVi7x2wQWKSstaHU&google_cver=1&google_push=AXcoOmR80eFfkbtLLW-PkOha8SOX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MTk1NjNlYjg0MmIzNDU0NThiMjNiMjYwZTJhYjRmZmM%3D&UIDF=CAESEF1xQu-CVi7x2wQWKSstaHU&google_cver=1&google_push=AXcoOmR80eFfkbtLLW-PkOha8SOXIjUsnrrTkJW6qPLjtX1kcZMpxO_BfuwtGSfgQR1r4_6CsSpChpu_WnlTtdWa7tu745mqOm0
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MTk1NjNlYjg0MmIzNDU0NThiMjNiMjYwZTJhYjRmZmM%3D&UIDF=CAESEF1xQu-CVi7x2wQWKSstaHU&google_cver=1&google_push=AXcoOmR80eFfkbtLLW-PkOha8SOXIjUsnrrTkJW6qPLjtX1kcZMpxO_BfuwtGSfgQR1r4_6CsSpChpu_WnlTtdWa7tu745mqOm0
date
Wed, 10 Jan 2024 19:55:01 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame 09B9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEBtGRHtRWadR5SfpS9fKHWQ&google_cver=1&google_push=AXcoOmS40pb-M6aAFXB53ns7jg2y-ZRCPLsCvpTe-uh5SoR9gVnUF5xEkhm9RwBkABSs54Z70YrHl...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEBtGRHtRWadR5SfpS9fKHWQ&google_push=AXcoOmS40pb-M6aAFXB53ns7jg2y-ZRCPLsCvpTe-uh5SoR9gVnUF5xEkhm9RwBkABSs54Z70YrHl...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmS40pb-M6aAFXB53ns7jg2y-ZRCPLsCvpTe-uh5SoR9gVnUF5xEkhm9RwBkABSs54Z70YrHlTvnNbuAoWwmBOa-wUkszVdktg&google_hm=WVRvY050Zmhhbl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmS40pb-M6aAFXB53ns7jg2y-ZRCPLsCvpTe-uh5SoR9gVnUF5xEkhm9RwBkABSs54Z70YrHlTvnNbuAoWwmBOa-wUkszVdktg&google_hm=WVRvY050Zmhhblh0ZjZqYkxPaHo=
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:55:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmS40pb-M6aAFXB53ns7jg2y-ZRCPLsCvpTe-uh5SoR9gVnUF5xEkhm9RwBkABSs54Z70YrHlTvnNbuAoWwmBOa-wUkszVdktg&google_hm=WVRvY050Zmhhblh0ZjZqYkxPaHo=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
242
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 09B9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KST23EYQzwg6wkk089ygk-yV-b-kB4TLGTZtC1hNHAOO71jqj_QZdcJiruLwzbcKVd-W12pQ
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 7EF6 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhis2oTdATAB&v=APEucNVrTDM9fCBZeslxIjjQQU24ngdAQAYakr_oyQXCVwxhZkqf4eVYH0HNUPd-5SlUEjDt6K3k9gREjnH8Qcwk-fJWET09usZnoiBZBWxV-Q_WprMiLaA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7EF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAy3aw2Wmh7A44Fp8rymWqQ&google_cver=1&gdpr=0
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAy3aw2Wmh7A44Fp8rymWqQ&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhis2oTdATAB&v=APEucNVrTDM9fCBZeslxIjjQQU24ngdAQAYakr_oyQXCVwxhZkqf4eVYH0HNUPd-5SlUEjDt6K3k9gREjnH8Qcwk-fJWET09usZnoiBZBWxV-Q_WprMiLaA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKqdidaisCnJZGLqJSS6Noj2Xe4BXoCbXbk4ECrIJuMnpPEcFyw%2FeCP5XYffj6Xradu7cLClsRjvTUACf88%2Fvu02GpFsMKjJEnY8RLa0CskOO5VjU%2B4Nq4BzOyTf7jygA3sSiL8PQ5uing%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843779a00ebb01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAy3aw2Wmh7A44Fp8rymWqQ&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7EF6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ72EsTdxh8P9zeyMg-eQQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAy3aw2Wmh7A44Fp8rymWqQ&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAy3aw2Wmh7A44Fp8rymWqQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDEjwIQuMCtAhis2oTdATAB&v=APEucNVrTDM9fCBZeslxIjjQQU24ngdAQAYakr_oyQXCVwxhZkqf4eVYH0HNUPd-5SlUEjDt6K3k9gREjnH8Qcwk-fJWET09usZnoiBZBWxV-Q_WprMiLaA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGY4k2AM0twYXprpHfs9MwceVjimTXB71KGbYDOLaviPF23LTHa6%2B3GX1oW6Xa589FbQk5JPuEjnc6KeRtdueNPJYO%2FuestmG5InIDEX%2B73F1RDUVvgSM8E9vibTP%2Fxa6e6cd2C4R5DoLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843779a0bfd101df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAy3aw2Wmh7A44Fp8rymWqQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 2CBE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 89B8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6B4 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 940B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJqeF9_E9nuCKmUu_i04H72AUGfW1q6jg1BI4Fnh7yz4Kj2SUV077zQiDs2JGy_k6XrX2tiWNinJbWjSJ0zo-7kZOvqoChWEcNzId1y-HbS1j1pNwczZ6JYJ4NspqmAZVi3njtMlEnNWVzsVBrT7v4JxnGbPSgkqCLvaA_t42RDJKYDD9MsJCdjtuHwVxqoJdb7zpTTS41Me68FNwedNPwL3E5Zt4DiGepXtuaTA-ALcFaGyLb2_A50aGXx6y0gv_olZJwAtFQwmyBe8uNf8BJY7nMOIEpUd0nKaWuutlYV_nuxVVvSxIvf6IvavJ90Fx-q_1DtLMH6MO3ZwQLMi1_q7FIc4I1qH7hmIhhqgFrojgZopSW1JRnabnTiVu1OhaQ&sai=AMfl-YRVZNtDvL8McHLbeMPm4tByoH7u5bNwi2jAfwcxUvP7bLq850GGhd3TPyHBezGVVubaPV8qFsz7jJeUiLG4iEG14nRS7M3WqxYFLoi_DPJLxV6n1Hmb-N3JPXthRA&sig=Cg0ArKJSzHxsxseQvFjwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 940B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:55:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Clink_hrec_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50|300x250|728x90|970x90&fluid=height&ifi=14&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D6b1d51725ff6a40d%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g&gpic=UID%3D00000d3f405cc44b%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w&abxe=1&dt=1704916500574&lmt=1704916500&adxs=800&adys=1067&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x40&msz=0x0&fws=4&ohw=1600&psts=AOrYGsnTaxRCaxdpZF4U1cHehRAzJQuXK5gGRPQB8YfCgZQ9W8LnwnxIrwBFtVqVCClHtHBl5HuNawJ19bfl68B_ujfV1mzgE2xfQbU%2CAOrYGskuG2jC4Tn2TCQVeYdnaBdVmX6s4dXoC9W6Y6Z1KKJJMQcZYVwLATCCrn488-MaA1tCdH1H86mXDlZbR5ugiN-5oiyPCYaPQKM&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDJmZjlkNWVjOGM1NDUwMWY5ZWI1ZGU2NjIzNzQxODVjYTAyY2Y1NDBlNGFmNDg4ODNjMDdiODM4MDM5NmFjNDcYpevEp88xSAASHQoOZXNwLmNyaXRlby5jb20YnfjEp88xSABSAghk&dlt=1704916492435&idt=3513&prev_scp=amznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26cmp_allow_personal%3Dtrue%26cmp_determined_ms%3D8000-8999%26cmp_gdpr_cached%3Dfalse%26cmp_jurisdiction%3Dnone%26cmp_load_finish_ms%3D8000-8999%26first_zone_ms%3D8000-8999%26fuse_category%3Dtrack%2C41AL59%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26fuse_industry%3DIAB19%26fuse_loaded_ms%3D5000-5999%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_publication_id%3D14%26fuse_site%3Dgrabify.link%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26gpt_auction_start_ms%3D9000-9999%26gpt_ready_ms%3D6000-6999%26hb_auction_start_ms%3D8000-8999%26in2w_key%3D23%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%2C1%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx928%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D928%26in2w_key8%3D22%2C23%26in2w_key9001%3D7%26in2w_keypm%3Dfuse-slot-21842489290-1%26inskin_yes%3Dtrue%26prebid_ready_ms%3D7000-7999%26testmode%3Dfalse%26uam_ready_ms%3D6000-6999%26zone_count_above_vp%3D4&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D7000-7999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D8000-8999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26zone_count_above_vp%3D4%26GPT_AUCTION_START_MS%3D9000-9999%26CMP_LOAD_FINISH_MS%3D8000-8999%26FIRST_ZONE_MS%3D8000-8999%26HB_AUCTION_START_MS%3D8000-8999&adks=1819770311&frm=20
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
870f5a1a5e5fd0b82fc34c742d58016bc25527b5afca1827997731d25b7e6757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11694
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA98 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BtZlTE_aeZZGDNZrAx_AP37Od4AYAAAAAOAHgBAI&bg=!oKOlo-zNAAaumcC-jpk7ADQBe5WfOE8YgFRAqjsm6wnW0rbkT2w_0V_jN9XUm-u1UFQdQ8EIEUhBtlvs4Y9XENApS9VFAgAAANJSAAAAA2gBB5kDArWytRnjiuvMBoJMP7GgPGaUqFgzTkRUXhUmNkzQ5okm6gVad_wMXjXaPAon40wbKTSSBf0P1Leh4dHTO_XAnQ87i9lngp7Oz3C4cONRSh6ea7-Non9V1EbrpWdY7_7rm4Quxjohv4BApH3NPgeZqJ9uMtxA13JDIEq6tZMwdIxGUlqK4B97cHV0_AN-uBy0jLB-NuOK11DP93rGTmn4K-s4f9Ufa8J_8gYiX2gTNzwr4RHrbL26OKds_QqUGwZDlY-6Wf4n4qGGY405TwKEJj_yQTFJcTYSEkPCanPHgTG6TmEhM7Pcnv-Pv56yVKp_iEZIcVcVJ5eTxyQYN6rW8VbXaZQ8mP9hTkfWC8yR4skYWyy9dGJPAd-OVt2uZd-14WvXaCziaKctA9Oe7cUVuySGGJasYS9QV2V6FKI9QvGosg2bJYmw04Tp5RH0qRK5mnGKPdV642NKzuxze4XTTqWw-Du1GY74JdlIj6V4RSgYd2mE7M7YimFaDYgFJA9fYKUaI1G23fkfqajH47r6_PwcMEGt5Y5UB2nAIx6TtGBnivlCBVbGKfilcFilT_2NKZeu0_ouIz_mVwzkG9SVmf1qDMx4B2YAipZCWyQIIDm2zBX5rqzH1a0xaGRz52CNsqHtCAjd88JS1ZhSUgKFqHEbtVsao7jB7-l3Is4Ybva_OATZZRZySy_yQpi8-5VCuII9sIPKy3PL7Gk2KJwpbsGtd5o_9esDl6cdSBGjbtlNnV7Y08fmlH7GCW42CaR4qAIeXCA46lrUhb0IBCv4TY2cEnIuDi1zyGYIb9OmgZxQ7WJjesqeDd2rxOjsw0_As2K4A3MxDzmbm7Pb5-l8DERLGxLUBB0Ql7j6ZShqogkUGaSX1uwmaCW9C3YpzwdSAJybFVcVWTnJwROjeZf4MDahjtZHn36dK9m7kV8Mcpqva9V7WAgUeoi158lTylqTF-ZTBeRysOahFCTEaJM5TP3jiYihHh76lvMcbC3jFFdLHrZZRa5AA_OhWOGrDKZfOlHT
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 940B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMFSOVfENOcy3hGgETMjGl6NmJLSFS3HOM4H36O3o5NK5qokoZWNPSlPV6M9VLLw70V8GtszJ9a8V1gwbFgFo_9PP_Lc07Ss2QKOsVXQ7aT0oo2ifIBEFxvVUyG8OsWs3tP39vnZt9xIqjA7VmLV2s3Dbz4EHacmDHt8ubj8z8lwnA5tix8bVET7DWlpxJ5C7vx9-ebbrvwUMbB8eZqbUfv_n1xYAEe069reICkwZTkqr5B_9jxLBhuJyjN8asDrwdnmVtG5BcAofmpjau6AORtVzFXNiGlrzyS_kssJHPSpzYc7-_dA_MaabfrF-rX8-DIe1xlkXVetfIxt5j5MG9BZMAq3ttbnltd5N5I9r2ztdHwHtr3JCJ-DvZNnolND08jQc&sai=AMfl-YRgFMNFugRcH_0dMeyibW_-7mr99M7rTh6lgHa268msqytDxrg0DNNo-aMMCFxppaywVzWv3691wVpMRyIFFiarxUSbV9DLsJdJNa-3FNvwZ4SihAzSJIrzk3QAsg&sig=Cg0ArKJSzFvPsl3gaHJPEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 19:55:00 GMT
IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 4840 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date
Thu, 04 Jan 2024 04:02:29 GMT
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
575552
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14233
last-modified
Fri, 18 Feb 2022 23:28:59 GMT
server
AmazonS3
etag
"65a8b98b798ce416d94c2847aca40c71"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
ar6zW5iUft6yR4j6gzg34LtNUECt17hSXdn26V7CeM9LFVHtT2rz_g==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1524 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
38490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 11 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4840 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69c55fc6396f6aa848f35eb3b0f5078730a4805f746a9743ccdd58bfd8d74d2f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C57 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B63jWFPaeZcrABdDokdUPvIWd4A4AAAAAOAHgBAI&bg=!4uGl4a7NAAZ1R9vHVUc7ADQBe5WfODLTYypu8uMYUy308eWLgNaz4PJr9Sl-2kMrR5q2vd1T7N3FLaPt9ELLfpzELiS5AgAAAQJSAAAABGgBB5kDAS97lG1ditEO5qDIvpGYa9gfoOPSbE050Inh4LWhVKbXQ_ytAy7xV_wo87fpsFPUVMtn8w0Xq0-N4pLM98EZgQajnemqyvqo91r273j8ktJ9yzm7mtncItJimsvKrbgKAwWyyb_ypB218UDx6BcVxzFodacEkHOr7AGzvJClsn-iSeb4zg8RUzgCd5DW0J6BMRIVBNUd2oD451XDas9J0wZJ2GKkcg4h3haRP2gzqbm8y3Nb1oNKIWBKGO4wxOaqMKwRRgrxdsnx14hG68YuiblXzaNIvaRziO7uA8mAAam5jmRI_2bayKtRM7zPpMKR9EnJ3vUkRkc634560o2WrlvlxbN4W140hx2oXop3hr5RwtpA7029FIluJ8Gr_znajXU5MGGzk6R5MNJrq3M739A3GHIiHHafV9cBbUuEvKZ12z0ugum-CTTR6L5amzg7BWL2CHIviecb_avgTLSsRbJaTLQYV8itqvrUP53zngA43OEuAFrsRBNc0iF65rtMgeCAdbtQPjVyxbyujsjkQmxy33eoihLyIqHwSrqfGgNISIIx3ArK0Kvw4PGX43zmk_P4467XpV8WyxIf1bKykZzMO0YchYD34m5W7f4rtboBML_7cNjLfqS5lK9K44gXQ4vPON_3COMYvVJZHIU8akqqrsPHTGIHqOEAB4xtCuC-NgoGQmYAcfbvoRxjHIp_uKQ_SUJeVZ0sD11sxrqBoSFZOyWnoNNjqoNTTJqfrUvqsdk1Y61cCywu9_1todHpNGqmnA2onVjQVnXNZ0sjyrmqRo28jr8VQ3ZRBjkO7WIj90SDbbruPTmVa2IFB23mSd3GY9tM6aut93fZ8HC0RpcjJyBLtbF9D30_1r97OpbGyly1-rwXZEGzyiQvwcBDIQINT1HnJ9x_BwFA7k4wiGrgFdLp1EEq92LG8vwRl-GbojDyZegBww-eLSmCAmiCPX9F33Vihfm6qb1a9jmJIussHkl0W3-7QZoph_9YmnEcqCmYoDhmJmAMSm1VjEu3fjA
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1524
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMf_ss48IJevTPesVj6ZNvI&google_cver=1&google_push=AXcoOmSYAy82Quj3NkOAWE1UKl8eP90zPlf0ULIjCIIhh7TG0dQrd0MgqWhMIB5FLgtRhkjM-5G20TkjxtjiTM1lWJar...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSYAy82Quj3NkOAWE1UKl8eP90zPlf0ULIjCIIhh7TG0dQrd0MgqWhMIB5FLgtRhkjM-5G20TkjxtjiTM1lWJarS3CCVfxS&google_hm=0HoC558RQVKCBNxo4VYipQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSYAy82Quj3NkOAWE1UKl8eP90zPlf0ULIjCIIhh7TG0dQrd0MgqWhMIB5FLgtRhkjM-5G20TkjxtjiTM1lWJarS3CCVfxS&google_hm=0HoC558RQVKCBNxo4VYipQ==
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSYAy82Quj3NkOAWE1UKl8eP90zPlf0ULIjCIIhh7TG0dQrd0MgqWhMIB5FLgtRhkjM-5G20TkjxtjiTM1lWJarS3CCVfxS&google_hm=0HoC558RQVKCBNxo4VYipQ==
date
Wed, 10 Jan 2024 19:55:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 1524 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTSrW2KKDuIzjwDxrdTA3zCaTZBzSfoP17sfgzwrghvml596wZFdhGP2hLaAHaY8hN59TzEMMrR1zVS_I3PxfRllkSVThmu&google_gid=CAESEG3iXsap7UjNqp1mKTipsyQ&google_cver=1
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
275866
expires
Wed, 10 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1524
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRhgQSdCubSL_o1_vwABLuAoBvBtP1K6H8DqDBVenKUOK-F9ZHaO5dGrPzbH9nZhdpRME0zybhwjp...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRhgQSdCubSL_o1_vwABLuAoBvBtP1K6H8DqDBVenKUOK-F9ZHaO5dGrPzbH9nZhdpRME0zybhwjpOZpdGfhvrF-WtyECkh&google_hm=cc66ad2d-3985-43c0-88...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRhgQSdCubSL_o1_vwABLuAoBvBtP1K6H8DqDBVenKUOK-F9ZHaO5dGrPzbH9nZhdpRME0zybhwjpOZpdGfhvrF-WtyECkh&google_hm=cc66ad2d-3985-43c0-8884-8fee449e377f
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-50
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRhgQSdCubSL_o1_vwABLuAoBvBtP1K6H8DqDBVenKUOK-F9ZHaO5dGrPzbH9nZhdpRME0zybhwjpOZpdGfhvrF-WtyECkh&google_hm=cc66ad2d-3985-43c0-8884-8fee449e377f
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1524
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENpvdGueB6GLIlasphO6Qlc&google_cver=1&google_push=AXcoOmTsKDSH6nbEZjjdtMWrjk8RzUIhMwvrmjpeE7NwDL58az91_lrnDIApj5KtMeLbNXuEGHaiPI...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTsKDSH6nbEZjjdtMWrjk8RzUIhMwvrmjpeE7NwDL58az91_lrnDIApj5KtMeLbNXuEGHaiPIl2NQpTqjJBvI0DUdoSUgeoXg&google_hm=MzkyMTY2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTsKDSH6nbEZjjdtMWrjk8RzUIhMwvrmjpeE7NwDL58az91_lrnDIApj5KtMeLbNXuEGHaiPIl2NQpTqjJBvI0DUdoSUgeoXg&google_hm=MzkyMTY2NTczMDA2NDUwOTY2OQ%3D%3D
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTsKDSH6nbEZjjdtMWrjk8RzUIhMwvrmjpeE7NwDL58az91_lrnDIApj5KtMeLbNXuEGHaiPIl2NQpTqjJBvI0DUdoSUgeoXg&google_hm=MzkyMTY2NTczMDA2NDUwOTY2OQ%3D%3D
date
Wed, 10 Jan 2024 19:55:00 GMT
content-length
0
report
sync.teads.tv/um/ Frame 1524
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELsyxOO6-Z44...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NGNkMzBhZmQtOTU1My00ZmE1LWJmMmEtNWU2ZjJhMTYzOGU1&google_push=AXcoOmTc8JnLat8Vcrha1ASKb0vYpKc4TKLsrdpXupU1ZD8HEszL95ZdzDpxg3u-6oSBc...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 19:55:01 GMT
pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1524
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEFTZJ6d7d51vFPH6QmuyLvY&google_cver=1&google_push=AXcoOmTQbyn0Ewf2RMLGXFU4wMh4DXnPvL1Al8YeaAjScoIxAhxRC8BN1cBRFybO_xjAgeRhL0mCOO0jCYbhlkPTHJf-H...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTQbyn0Ewf2RMLGXFU4wMh4DXnPvL1Al8YeaAjScoIxAhxRC8BN1cBRFybO_xjAgeRhL0mCOO0jCYbhlkPTHJf-HN7RGrt4raE&google_hm=acc8ce73d32...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTQbyn0Ewf2RMLGXFU4wMh4DXnPvL1Al8YeaAjScoIxAhxRC8BN1cBRFybO_xjAgeRhL0mCOO0jCYbhlkPTHJf-HN7RGrt4raE&google_hm=acc8ce73d32b85952sopae00lr879hu9
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 19:55:00 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTQbyn0Ewf2RMLGXFU4wMh4DXnPvL1Al8YeaAjScoIxAhxRC8BN1cBRFybO_xjAgeRhL0mCOO0jCYbhlkPTHJf-HN7RGrt4raE&google_hm=acc8ce73d32b85952sopae00lr879hu9
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 1524
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTeDG5VFMQpP...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTeDG5VFMQpPVuXewcG9LnEFObO0O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTeDG5VFMQpPVuXewcG9LnEFObO0Ot6uwenri5Gzm87FVpr1rWJm_nySBivJe_hWwL6X1DQsJqZphDh5pkpxSqzkNU2QhY1ero
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
an-x-request-uuid
4a135514-3f16-4dde-b34b-8b6ec69e0eef
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmTeDG5VFMQpPVuXewcG9LnEFObO0Ot6uwenri5Gzm87FVpr1rWJm_nySBivJe_hWwL6X1DQsJqZphDh5pkpxSqzkNU2QhY1ero
x-proxy-origin
83.173.209.251; 83.173.209.251; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1524 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ka0qLFuKDrxSdAstcgGpMP5JKIhlbmsHstAI_QGDi4urwtRCsGn3hwoONYeTr9cmGnZyY2UQjH
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 89B8 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1SE7E_aeZdvqMafm1PIPzo-f0A8AAAAAOAHgBAI&bg=!e3ileDfNAAaumcC-jpk7ADQBe5WfOFeHnTJENWhnrvl53OoWyH6AcZuP08A84Go-TiYIehp-w4OSnDI8b9G1zUmpociLAgAAAMlSAAAAA2gBBwoASPO5V_J-SKUJ-JviQkj-LWi9SlQBjcyCi0whHRoGUzc3nskxdM0ZgjRqV8HOwyHB1LO-sdiKRdfQirX8QnsSAZ3wDqj-Xl8OKZkC_fgRgUyq9FEGc7GGJtP9XFI5Q3c3JrllUWJbFlKgOByJhr9l8bUGRRkF902p4rSca9wANRLpXmHWTh3WtlJ0-i_chQcO5YZx9LTi6Uf5TvtYYA8gIIgdBkhnvfpm_ksXM7MbBMC8n1pipuycr-TzfnLypmorQwqakQIUgaoc9qo8SvpX2lG1vwMLjyKFkbQfkSPhmiiXjtp-5yzgzW6AEwH5g5ZOxbnUsoSiDx4ohnpVCNikoUsw_4_DRn2Q9rM4ygJxmrJj7l6RMIeLrZtQfxk9nKWUbf7wbeFj9YIziYGvfBnGwTefsVELtgyX2ppjSahmk-zuuence-S9MGdci1A7tpCP9SrZPFSTrNR2zDJn4E7qnx9VfgHSfKWpOLADEt2ig0JyqZYKuWLPRl-cP15Ob_PnXiwSn2q3POQt-QBWBTAlzlfAHtRfYjLmsMshHZc_-mj-BF4fDVrksyS5duXf2bghrL1ox9YQjXk8p18BVe_rKp8s4OIvyU7JZQt6AUYxC95QC8H4x1Y7keB6P0Hog1E0A6m9269UiJTRBL8lecgfHcdnGKsv1UqjpMcFROm-NhBrqpVoOZcvP4WmxRnTtPgjWkrF2pBV_nwEQfDHQC6U_t4hLib5t-hI0jQqEBQkRvZgfHYDuIeab5H9v5i6krfLJcLDqD5R7BrNpC7722kfEHj0OposARXOK-yysiOjTiuvmWJq4lbgJJEWIhmyyXXete-_QLoduXoGUv5IrGPGwLU8C8oh1msF7aUBT1wm3-fbHr_iLP0tL9Gd_mWKyaCl6QpKNevvCeC4MHj2Ui_dqIs5FY6ucUYHGQm26dLyym5fyKAOl4N23fzNw7VX3_CpKqAQk2PlqomtIvz3kj101ppqZwdxgoq5VPV90Dj0i3_iVb-muYgBuIdHIbtx3-vPhV7ZM2_aeoXJygrdqwjquPbrpBEi7ZewEFFYtMZencm7CIZ5DgvcSUOLPtZ1YQqYO4PvaIj2HV_1NlCDf-4OgEGw-Mk5UcgOXA
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7E3F 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7E93 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvexJPBMZoUAXVK4wjLRm6P2u7hC7ZyiipKWNl8wzQSB1NufAw7qJXhFlCAjcaGVSzzr2N16iezTFsqkqL2-2plvs4W3fH3oNg-oyfyBdnmDGSh0fLpR9c8Vhp9vouU_dMc6GSC-Xsj64DMHgXi81DbF2bDUGJGwpsE-ELTGt2c0sUxnsvGn5lmABvF6LKPWoFcDKVImCiuWUGe29uohXF0dP_cGsVLokNYBbyqARCXhfYHMGnTpIcIyHBDBcRiLlF_d8N459JICjL5_U_ByAHITW6wfyZd5USd80wlyUGiA3uiAJ29tueG8-UFTqPwk49QQr608eca7Mu8kRuPbTBx-nuvfb2Cl9zYQW39iMBRMlI95aOQ9s9zN9GoiDqZyBhY&sai=AMfl-YSD_tVr4qNOGtjsP7BNuMEaGqfAHtfTuul_JJfuBtQHpSK3lYKh22midSgdmX3Ecb8EVtrGrslF_UYTY8ppIocrX73klnVTrb4WXw7l9LwCUXFzuWEX72H9pPYgsA&sig=Cg0ArKJSzHwtRElm9upKEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7E93 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:55:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625128605099324&correlator=3864154009602058&eid=31079925%2C31079957%2C31080327%2C21065725&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547847029%2CGBFY_grabify%2Clink_hrec_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50|300x250|728x90|970x90|970x250&fluid=height&ifi=15&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D6b1d51725ff6a40d%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g&gpic=UID%3D00000d3f405cc44b%3AT%3D1704916497%3ART%3D1704916497%3AS%3DALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w&abxe=1&dt=1704916500939&lmt=1704916500&adxs=800&adys=2137&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&vis=1&psz=0x40&msz=0x0&fws=4&ohw=1600&psts=AOrYGsnTaxRCaxdpZF4U1cHehRAzJQuXK5gGRPQB8YfCgZQ9W8LnwnxIrwBFtVqVCClHtHBl5HuNawJ19bfl68B_ujfV1mzgE2xfQbU%2CAOrYGslp4Pu49ytwxl86d8HDV6PNcRz3L_j29l9wF7TLEJ8FR0gg08UsN_aTXJ_LzffRgPbnln7FRpfNJ5TXzZDRJ2Dnr_7JcwYXDuA&ga_vid=1320112297.1704916494&ga_sid=1704916497&ga_hid=1080211007&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDJmZjlkNWVjOGM1NDUwMWY5ZWI1ZGU2NjIzNzQxODVjYTAyY2Y1NDBlNGFmNDg4ODNjMDdiODM4MDM5NmFjNDcYpevEp88xSAASHQoOZXNwLmNyaXRlby5jb20YnfjEp88xSABSAghk&dlt=1704916492435&idt=3513&prev_scp=amznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26cmp_allow_personal%3Dtrue%26cmp_determined_ms%3D8000-8999%26cmp_gdpr_cached%3Dfalse%26cmp_jurisdiction%3Dnone%26cmp_load_finish_ms%3D8000-8999%26first_zone_ms%3D8000-8999%26fuse_category%3Dtrack%2C41AL59%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26fuse_industry%3DIAB19%26fuse_loaded_ms%3D5000-5999%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_publication_id%3D14%26fuse_site%3Dgrabify.link%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26gpt_auction_start_ms%3D9000-9999%26gpt_ready_ms%3D6000-6999%26hb_auction_start_ms%3D8000-8999%26in2w_key%3D263%26in2w_key15%3Do0%26in2w_key16%3D1%2C1%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D928%26in2w_key8%3D262%2C263%26in2w_key9001%3D8%26in2w_keypm%3Dfuse-slot-21847076120-1%26inskin_yes%3Dtrue%26prebid_ready_ms%3D7000-7999%26testmode%3Dfalse%26uam_ready_ms%3D6000-6999%26zone_count_above_vp%3D4%26in2w_key3%3Dadx928%26in2w_key12%3Doptimization&cust_params=fuse_site%3Dgrabify.link%26fuse_path%3D%252Ftrack%252F41AL59%26fuse_query%3D%26fuse_category%3Dtrack%252C41AL59%26fuse_industry%3DIAB19%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D831d4d19-c30b-520b-ade1-b6d6ef560f56%26fuse_publication_id%3D14%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D7000-7999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D8000-8999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26fuse_exp_1%3Dfalse%26fuse_exp_2%3Dfalse%26fuse_exp_3%3Dfalse%26zone_count_above_vp%3D4%26GPT_AUCTION_START_MS%3D9000-9999%26CMP_LOAD_FINISH_MS%3D8000-8999%26FIRST_ZONE_MS%3D8000-8999%26HB_AUCTION_START_MS%3D8000-8999&adks=512774694&frm=20
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
778c4356087704d1125583004b45a67e4c803c12a922a528131a44b49d9bcac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44152
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://grabify.link
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7E93 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHPb1z3b51Lv4Wz64q6BEgWku7jk5gjOYJlzmzS2QR9BciZt8LJtKHkmItA4sEMVUk_llmHPfkPft2sgnkV5zXPDx5XaE0URY28uA6C8W4kaHPFuGZJlauBjUUZNdEHSxFNgINyKghJagTnaJIzdyOwfHWQ27BDjANjvV9jqKzHJ74_WDORvCvDYfOnaiigEgbQMO8d8f_qX3me3XHL08dk7Vd-XDjwVeqS87eSpGENBu6mxpL2UBNkOHwu-JfMcB5hCnJLLogbIjrtdgn9LlEnyzPJGiLcg0CyN1EEORNHPN4v0W29N_C72ED2JhPjaqmWRUFUmgdDjvyjk8_UXUPYLUvMR2m8vs3XjFEVSZPUssw_sp7kUWIbleuiQR0WNBTXog&sai=AMfl-YTKgkxM1XzD5BXn8d4LxmQw5m2xS1rz3hFfWbKFnPdFaLTIs5LgZJMqX8omnW717nQIzZpIRjxCcibuvBp_TWvSjY9IAb75xOfGWHTSJP6h8tLkzGZKWRR64wxrkQ&sig=Cg0ArKJSzL2_cUGgA7T0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 19:55:01 GMT
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VIGxJ,pingTime:-10,time:1041,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1704916501123%7C%7Cde14f037c2ee4a404c374c7ef0978d48%7C%7Cacc8ce73e974315fdfcc4ebb5f3c527d%7C%7Ceb48b121d719cf55d4677ddd55eb65a9%7C%7Ce713c0c73575b9755ffd237c3644c8ff%7C%7Cdab181cbf19c82196149c40f31918cd8%7C%7Cf383b6536bc8f2c128111731c9a012ea%7C%7C08bca6bac7d8920e9181954e50e0d70c%7C%7C1663701684%7D
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame D5C2 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lr879iw8&c=3695354099960&slotId=1847677049980&qqid=CPnei_LM04MDFRMqVQgd1vYCfQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2095&mt=video%2Fmp4&vs=1024x576&ple=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E758 		0
0
container.html
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9E9F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:57 GMT
expires
Thu, 09 Jan 2025 19:54:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VIGyG,time:1100,type:e,im:%7Bpci:%7Btdr:1016%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1090~0%5D,as:%5B1090~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:995,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sis:658%7D&br=c
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
file.mp4
r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D5C2 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.108.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s17-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 10 Jan 2024 19:55:01 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-4322611/4322612
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4322612
Last-Modified
Mon, 16 Oct 2023 12:44:01 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
Expires
Wed, 10 Jan 2024 19:55:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 525C 		632 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGOjps_wBMAE&v=APEucNXQ6B3_hdzFFbL0m_0saWutIJ9fEoPfixUUvplDiErbXMXx2VnWC6Jwg68qxKVnNaMMrLdlL2X4fO4Ed2Eds0eY8QkV1K15yc507pIM-ty5EqogAgo
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
249
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:55:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 9E9F 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 23:49:04 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 9E9F 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:04:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
85861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 20:04:00 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 9E9F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:48:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9E9F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
108345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 9E9F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
31365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:12:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C1A8 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
38491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 11 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 9E9F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
38837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:07:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E9F 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cpvf4KyP3hAp9gUN1jDklTbHAjp27rwu0EmCAyEdowbAcB0rydl1T0t8Ow0c8Yni6xsCBqG2zgrwNPYGDgeu8fW4r4DSsmEAPJTD3zVlb9c48RF4U
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 9E9F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTfk9zT9DOFmALATr9O0zzAunKsIhOfwqMRClUtcBCM9M1RKGitnbGumP-jt04RDDaigaNekMJIk0qDiFV9Xt-Cr28cA
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9E9F 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:55:01 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6EF1 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
106462
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9E9F 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e2192ec24e4b219b3cf1b1ecf35c496b121c70b3570f5388893c05b6b9a6078

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame C1A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAqJ87UsmOW6iuHSatnN-eE&google_push=AXcoOmSIYALygK0DGGtdcWjRjlio1VTyqaibL1HvPFc5VLKMwl1nk7aQ44...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAqJ87UsmOW6iuHSatnN-eE&google_push=AXcoOmSIYALygK0DGGtdcWjRjlio1VTyqaibL1HvPFc5VLKMwl1nk7aQ448wh2M6LEOBfvFcTfUfDii8z0xTl124IQLeAl2sMXU
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220058-FRA
pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1704916501.465598,VS0,VE96
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAqJ87UsmOW6iuHSatnN-eE&google_push=AXcoOmSIYALygK0DGGtdcWjRjlio1VTyqaibL1HvPFc5VLKMwl1nk7aQ448wh2M6LEOBfvFcTfUfDii8z0xTl124IQLeAl2sMXU
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame C1A8
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEG_tHIF5fFCQnxtO45Z5Z1A&google_cver=1&google_push=AXcoOmQtcPiALl-wx0DBvxEqvKYq6JBcEb1LSQsfY2IFSRAmDr1vP86jp4VgBwXEsklDUYrRts-Tp6hMlvY9wMPDVe4oZQuBlXXE
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FE721A3DDDE64E31BD9FAC6D37C1BAD4&google_push=AXcoOmQtcPiALl-wx0DBvxEqvKYq6JBcEb1LSQsfY2IFSRAmDr1vP86jp4VgBwXEsklDUYrRts-Tp6hMlvY9wMP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FE721A3DDDE64E31BD9FAC6D37C1BAD4&google_push=AXcoOmQtcPiALl-wx0DBvxEqvKYq6JBcEb1LSQsfY2IFSRAmDr1vP86jp4VgBwXEsklDUYrRts-Tp6hMlvY9wMPDVe4oZQuBlXXE
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 19:55:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FE721A3DDDE64E31BD9FAC6D37C1BAD4&google_push=AXcoOmQtcPiALl-wx0DBvxEqvKYq6JBcEb1LSQsfY2IFSRAmDr1vP86jp4VgBwXEsklDUYrRts-Tp6hMlvY9wMPDVe4oZQuBlXXE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 09 Jan 2024 19:55:01 GMT
pixel
cm.g.doubleclick.net/ Frame C1A8
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMhgIhRjU8XV2suykKatk7o&google_cver=1&google_push=AXcoOmTEhYGlIeZhRSpVbg6iH9TyViYKsj-Gj_0Uc3vUjshRq29UB6m87ZPXBahGjgOzGtzYxRVaCxR_H9A...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTEhYGlIeZhRSpVbg6iH9TyViYKsj-Gj_0Uc3vUjshRq29UB6m87ZPXBahGjgOzGtzYxRVaCxR_H9AFyUif0ye7BoWc4iga&google_hm=PpBN0I6EQNq92tcoa6KAlvs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTEhYGlIeZhRSpVbg6iH9TyViYKsj-Gj_0Uc3vUjshRq29UB6m87ZPXBahGjgOzGtzYxRVaCxR_H9AFyUif0ye7BoWc4iga&google_hm=PpBN0I6EQNq92tcoa6KAlvs
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:00 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTEhYGlIeZhRSpVbg6iH9TyViYKsj-Gj_0Uc3vUjshRq29UB6m87ZPXBahGjgOzGtzYxRVaCxR_H9AFyUif0ye7BoWc4iga&google_hm=PpBN0I6EQNq92tcoa6KAlvs
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C1A8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMf_ss48IJevTPesVj6ZNvI&google_cver=1&google_push=AXcoOmR3v7IfivO77fOidykEsvgkV6FvrjlX0G2JI4hw3rx8DHcyfE4FYzkFxgh2jTpX0Vtmpi5M0FCWqgcjOL4NLpKF...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3v7IfivO77fOidykEsvgkV6FvrjlX0G2JI4hw3rx8DHcyfE4FYzkFxgh2jTpX0Vtmpi5M0FCWqgcjOL4NLpKFoSyPSWt_&google_hm=0HoC558RQVKCBNxo4VYipQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3v7IfivO77fOidykEsvgkV6FvrjlX0G2JI4hw3rx8DHcyfE4FYzkFxgh2jTpX0Vtmpi5M0FCWqgcjOL4NLpKFoSyPSWt_&google_hm=0HoC558RQVKCBNxo4VYipQ==
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3v7IfivO77fOidykEsvgkV6FvrjlX0G2JI4hw3rx8DHcyfE4FYzkFxgh2jTpX0Vtmpi5M0FCWqgcjOL4NLpKFoSyPSWt_&google_hm=0HoC558RQVKCBNxo4VYipQ==
date
Wed, 10 Jan 2024 19:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame C1A8
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJFrWS34HVInY_6BvSM7ho8&c_param1=AXcoOmSbXDtH9CAHq9A6uoFb2xdEvMv9-rg4tcDjubi5we56qgJpQzT71Qi1j8Ksq6jrk7qTMHVH2N67haRwYmwSbQNHA9RmrUVG&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSbXDtH9CAHq9A6uoFb2xdEvMv9-rg4tcDjubi5we56qgJpQzT71Qi1j8Ksq6jrk7qTMHVH2N67haRwYmwSbQNHA9RmrUVG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSbXDtH9CAHq9A6uoFb2xdEvMv9-rg4tcDjubi5we56qgJpQzT71Qi1j8Ksq6jrk7qTMHVH2N67haRwYmwSbQNHA9RmrUVG
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSbXDtH9CAHq9A6uoFb2xdEvMv9-rg4tcDjubi5we56qgJpQzT71Qi1j8Ksq6jrk7qTMHVH2N67haRwYmwSbQNHA9RmrUVG
date
Wed, 10 Jan 2024 19:55:01 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame C1A8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTb-mFAgGB7XyQNL4Ukr7SSH79O4M2W3elrbDB0hTW4b_j9p8jeYdWQfwhOVmdXt9cknCmB5Cff3XxCzX7p5qGIGdpMSEY
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l1HMaD1iQlmR3qVLy9C6zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTb-mFAgGB7XyQNL4Ukr7SSH79O4M2W3elrbDB0hTW4b_j9p8jeYdWQfwhOVmdXt9cknCmB5Cff3XxCzX7p5qGIGdpMSEY
date
Wed, 10 Jan 2024 19:55:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
spacer.gif
an.yandex.ru/resource/ Frame C1A8
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEF11Gp69vM-h7CeW3F4MiqI?ext-param=AXcoOmR7pzlOeNbmvUlLrvlR2uUT7iIirUEEQ_kWpoiliU--oBVGWDTNDmVOSuFjO24qRf0wpEQ6RDcTTdaT2yIsr5TDljAdMBx3&partner-tag=yandex_ag&g...
  • https://an.yandex.ru/mapuid/google/CAESEF11Gp69vM-h7CeW3F4MiqI?redir-setuniq=1&ext-param=AXcoOmR7pzlOeNbmvUlLrvlR2uUT7iIirUEEQ_kWpoiliU--oBVGWDTNDmVOSuFjO24qRf0wpEQ6RDcTTdaT2yIsr5TDljAdMBx3&partner...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEF11Gp69vM-h7CeW3F4MiqI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 25 Dec 2024 19:55:03 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C1A8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8inwBqfiTnrlyYNzPu9yhidxsaKTUFaFvGWC347WQArpqx3y7LIB1gsA4pbQU2jyRxxWCrg
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
SPug
simage4.pubmatic.com/AdServer/ Frame 48D8 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
n_one_vway_lopesan-es_np.js
bucket.cdnwebcloud.com/ Frame 9E9F 		1 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/n_one_vway_lopesan-es_np.js?n_o_nu=not&n_o_aut_tc=380067063&ord=1310338644
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-50.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0858cce8f7c711ef2a0ee1a5bc9282b9831c477ce1058ee388d35268b7c916b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 07:04:40 GMT
content-encoding
gzip
via
1.1 14930ca61b5acb472c19a8d7b170ad10.cloudfront.net (CloudFront)
last-modified
Fri, 30 Aug 2019 10:34:27 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
46222
etag
W/"fd472fae696d03f19e9adea5b82f554c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
WgW47GR7PEL54XRoGLjYrPCrG9wyXQAW0NCNFpSlpt92kx6qFJdRXQ==
index.html
s0.2mdn.net/sadbundle/7807502787547214445/ Frame B806 		158 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7807502787547214445/index.html?e=69&leftOffset=0&topOffset=0&c=p9UIehZy9I&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
1ca7faf07bfa3245a65c7fa49eb49bce95e31a30d33cdc67fadd6670a50c67a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:55:01 GMT
expires
Thu, 09 Jan 2025 19:55:01 GMT
last-modified
Thu, 19 Jan 2023 10:25:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 9E9F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssrKsGzIyEj_yL-Zd86twNDrK99R17zsk-oK99amf2xS4oLi8sNVYLerR1xsj6vOVyyE_Ln7ZZhdh8CJS9_akfki22JBCsmetNXGMX3gTwpXhKbXXTYFjH2J9iQz2FhHD0Y5KUeTxjFJGiOdmdLwaBkmDtGmP6wOHPvQNe9teH5oNxQg_T39yz7uFxR5fo1vdmZhRexNV1S1Wyrdp0zGepsZO74Lbtw9MXlAutUqnj8d8AzkYwJNof_CFU5BOZzPxfOJNrG51cj7P6XljoPOdH4Nia2shJDYx-E6IIszBzCuzagqspFtC_g2uOvo7MWvAfFA7NkJNP9u6fjRHKbie5_uw4c1Y1GqF45HAhDIMsNwhCouIQBG30Zaoj4iGd2HRouwGjCA0VJx-JslNA4_r2duRmBfNkGtm9Au64nK1PG2urQTxGKMkcF4KTjQmRxS4HKQa3-sZAntaXOgMzQoxGjF8CSC7i8w6WFAURW2mZPr1VCwLWbzITHSPNSsSvGJmB1i-ctbvChOyx1zVqkIxnBx2LpIGxBCmirae5zDLIvEugBjAjfcua_93zoiGbIciz0yYY9SS_zwI-aF3DSH9fIyKeuyW6k5EOJrEw5stkBS6hj-flkKOGcgPxnJZxcO1TqTVEeEVGLFlrlOS8A8PPgqXIpAINJsYY_Anb4JtCCd7ayNYRzN2FlYfU7ALmPoCk9_TW48MTSV60WBEz6AzYvcR_WWnvElChCkCQwzg0FPNqNeCJKwFneuy1YfNnj0ksXv6-ysPe9fpozCOq9DQTv9d4EjvwEKT6Ueher7UrfrcYtImMxtHMQxp5x_CMxIMWRKQC__o0xPP2ZPEhzjnw0K9cK9FPwOI3zH3_Fx1rl-0_Scmpn-Cm4wwOv1PZ8HKrLjZudyCgOlFAK9K2XyLZckK8PALv__GeufllK1rlUmWet35IBJHllzcgL3FCTXLfxEZGIfqm4CnjOLdwmN6XutZpi26Ep-SVCvpc0UiqmufPAymlJWc7GHoQqC8VJRtpf-NZBNwG5lX8D4X8Qgr41TUE1yBrSGel8B7YVVKQysedCwtdVgA-S9Wvrw2MNo4OEytdo_Sfk5qi2o7a1NMCSx5-z1p854hcS00P5kipGRzj1L7PyxjTYn3A-PkOG-XJKL1bIN9IaHlVsyEVfvy_dDlgn-RnV7Mgwri6MxXN52jghrQQqvdNKMTArMbR0e3OUrehgZ1wC5Masq7hinAtk8iUr96ikejIX7Nw8jn8meuJqPF_QT-gsBiIAoA_C8lPsE7qv4_oggCIe5_VRW5cZ-fSjYlahl4sJtI4ZCe78GDaDSvjYBX0fzzZcey9yPJzuIgZqjG4pnQh8PEBjvwtv6wCfKzrX0J60JOlKVANqhc180aIwzOhqRN0OC7suHjYq5u3vUoouX9A3bHrY_7CsI6XYy0sHRWgpa1Y&sai=AMfl-YTIWsXnr4OhYLqZIKJNCLhX8OHoQ03GfFEzaT3vxiBUptNL1X6BDwpvJZGG0n7_BqCMplJ9OB3S8UVnfLUCPEmmIVv0PN0laJKUYgswUnAxd-ah-K8NwPy7NWbbASfTx2Wd5BoV075lD6GKIlMI0E1nk5RBXmalOLcz8PcBWvtH5hl0BXmZ0u0UCYcr4KjEBrdX6MdmTeIL5E7P0CZ8iLmwkAq4J2-IjinqdmvNkyWDKC-POzOMnRTMcz1f99Oupwz573DpChwC7BryhR40cclg9UZ_AG7ca2OoouASyPfErgz08tfNNIWT9QJ4Rxck8m7DAfcTDefR8l7xjySqdtn_Ax3wPatU_cf6Ktk3j3YoXs8YVDcG3oJOUxfaRTddAHHhKeDMjbx7ja4eZScqOW78Y2DzYVskFNBN5Cs&sig=Cg0ArKJSzO4RWGZyRFT9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sb3Blc2FuLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cstd=86&cisv=r20240108.10326&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
setuid
ib.adnxs.com/ Frame 525C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEO7zhPcX3RA8yx5PqT_l2bQ&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEO7zhPcX3RA8yx5PqT_l2bQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGOjps_wBMAE&v=APEucNXQ6B3_hdzFFbL0m_0saWutIJ9fEoPfixUUvplDiErbXMXx2VnWC6Jwg68qxKVnNaMMrLdlL2X4fO4Ed2Eds0eY8QkV1K15yc507pIM-ty5EqogAgo
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
an-x-request-uuid
3b5bfe92-9e07-441e-8df0-4b829d10f334
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
83.173.209.251; 83.173.209.251; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEO7zhPcX3RA8yx5PqT_l2bQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 525C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGOjps_wBMAE&v=APEucNXQ6B3_hdzFFbL0m_0saWutIJ9fEoPfixUUvplDiErbXMXx2VnWC6Jwg68qxKVnNaMMrLdlL2X4fO4Ed2Eds0eY8QkV1K15yc507pIM-ty5EqogAgo
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
an-x-request-uuid
ffeca151-5506-46a0-96d7-ede99deb430e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D
x-proxy-origin
83.173.209.251; 83.173.209.251; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 525C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECQq5t2dPKScJAGPLbZqcr8&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECQq5t2dPKScJAGPLbZqcr8&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGOjps_wBMAE&v=APEucNXQ6B3_hdzFFbL0m_0saWutIJ9fEoPfixUUvplDiErbXMXx2VnWC6Jwg68qxKVnNaMMrLdlL2X4fO4Ed2Eds0eY8QkV1K15yc507pIM-ty5EqogAgo
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECQq5t2dPKScJAGPLbZqcr8&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 525C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk2Mjg5ODItMjM3YS02NGJjLTRlMWItYTkzYzBkZjdhZjU2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk2Mjg5ODItMjM3YS02NGJjLTRlMWItYTkzYzBkZjdhZjU2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGOjps_wBMAE&v=APEucNXQ6B3_hdzFFbL0m_0saWutIJ9fEoPfixUUvplDiErbXMXx2VnWC6Jwg68qxKVnNaMMrLdlL2X4fO4Ed2Eds0eY8QkV1K15yc507pIM-ty5EqogAgo
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 19:55:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk2Mjg5ODItMjM3YS02NGJjLTRlMWItYTkzYzBkZjdhZjU2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame B806 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7807502787547214445/index.html?e=69&leftOffset=0&topOffset=0&c=p9UIehZy9I&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7807502787547214445/index.html?e=69&leftOffset=0&topOffset=0&c=p9UIehZy9I&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 04:12:33 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 6EF1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7556 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuWe4JCKSSzknV58TmP_16ywO9Cx_lnics1G4sqTu0ZTzFu_Zwjr-e6RMEOF_ki73p5t74uNm45-d6hEaXuHsBAKtj0aWj815Fbk0PI4FixVU_I58IObROiBiQoVY0vazh_-H1xJUC0TYbiEfYUNuD5mxX&sai=AMfl-YR1OCuUE7YcC4W77bvSgE12u8Fghnq9vYkuWerAIWx5fif2sGA02HGmmEchk7JDJ0Esj-oKq9okOcFRYWkyLpcaq63QBPk3L2Ki0JiM_lXo89VtI4rxcRZz-os&sig=Cg0ArKJSzCJgctNKVm8yEAE&cid=CAQSOwAvHhf_dskJeOVOlc9Hy3tmBtwSQfPZea4oNJXamZERU7gicaKlJNl4Riu4et1_RGE0J3M8okNtSMtMGAE&id=lidar2&mcvt=1001&p=377,1074,627,1374&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1708490306&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704916500231&rpt=205&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 9E9F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssrKsGzIyEj_yL-Zd86twNDrK99R17zsk-oK99amf2xS4oLi8sNVYLerR1xsj6vOVyyE_Ln7ZZhdh8CJS9_akfki22JBCsmetNXGMX3gTwpXhKbXXTYFjH2J9iQz2FhHD0Y5KUeTxjFJGiOdmdLwaBkmDtGmP6wOHPvQNe9teH5oNxQg_T39yz7uFxR5fo1vdmZhRexNV1S1Wyrdp0zGepsZO74Lbtw9MXlAutUqnj8d8AzkYwJNof_CFU5BOZzPxfOJNrG51cj7P6XljoPOdH4Nia2shJDYx-E6IIszBzCuzagqspFtC_g2uOvo7MWvAfFA7NkJNP9u6fjRHKbie5_uw4c1Y1GqF45HAhDIMsNwhCouIQBG30Zaoj4iGd2HRouwGjCA0VJx-JslNA4_r2duRmBfNkGtm9Au64nK1PG2urQTxGKMkcF4KTjQmRxS4HKQa3-sZAntaXOgMzQoxGjF8CSC7i8w6WFAURW2mZPr1VCwLWbzITHSPNSsSvGJmB1i-ctbvChOyx1zVqkIxnBx2LpIGxBCmirae5zDLIvEugBjAjfcua_93zoiGbIciz0yYY9SS_zwI-aF3DSH9fIyKeuyW6k5EOJrEw5stkBS6hj-flkKOGcgPxnJZxcO1TqTVEeEVGLFlrlOS8A8PPgqXIpAINJsYY_Anb4JtCCd7ayNYRzN2FlYfU7ALmPoCk9_TW48MTSV60WBEz6AzYvcR_WWnvElChCkCQwzg0FPNqNeCJKwFneuy1YfNnj0ksXv6-ysPe9fpozCOq9DQTv9d4EjvwEKT6Ueher7UrfrcYtImMxtHMQxp5x_CMxIMWRKQC__o0xPP2ZPEhzjnw0K9cK9FPwOI3zH3_Fx1rl-0_Scmpn-Cm4wwOv1PZ8HKrLjZudyCgOlFAK9K2XyLZckK8PALv__GeufllK1rlUmWet35IBJHllzcgL3FCTXLfxEZGIfqm4CnjOLdwmN6XutZpi26Ep-SVCvpc0UiqmufPAymlJWc7GHoQqC8VJRtpf-NZBNwG5lX8D4X8Qgr41TUE1yBrSGel8B7YVVKQysedCwtdVgA-S9Wvrw2MNo4OEytdo_Sfk5qi2o7a1NMCSx5-z1p854hcS00P5kipGRzj1L7PyxjTYn3A-PkOG-XJKL1bIN9IaHlVsyEVfvy_dDlgn-RnV7Mgwri6MxXN52jghrQQqvdNKMTArMbR0e3OUrehgZ1wC5Masq7hinAtk8iUr96ikejIX7Nw8jn8meuJqPF_QT-gsBiIAoA_C8lPsE7qv4_oggCIe5_VRW5cZ-fSjYlahl4sJtI4ZCe78GDaDSvjYBX0fzzZcey9yPJzuIgZqjG4pnQh8PEBjvwtv6wCfKzrX0J60JOlKVANqhc180aIwzOhqRN0OC7suHjYq5u3vUoouX9A3bHrY_7CsI6XYy0sHRWgpa1Y&sai=AMfl-YTIWsXnr4OhYLqZIKJNCLhX8OHoQ03GfFEzaT3vxiBUptNL1X6BDwpvJZGG0n7_BqCMplJ9OB3S8UVnfLUCPEmmIVv0PN0laJKUYgswUnAxd-ah-K8NwPy7NWbbASfTx2Wd5BoV075lD6GKIlMI0E1nk5RBXmalOLcz8PcBWvtH5hl0BXmZ0u0UCYcr4KjEBrdX6MdmTeIL5E7P0CZ8iLmwkAq4J2-IjinqdmvNkyWDKC-POzOMnRTMcz1f99Oupwz573DpChwC7BryhR40cclg9UZ_AG7ca2OoouASyPfErgz08tfNNIWT9QJ4Rxck8m7DAfcTDefR8l7xjySqdtn_Ax3wPatU_cf6Ktk3j3YoXs8YVDcG3oJOUxfaRTddAHHhKeDMjbx7ja4eZScqOW78Y2DzYVskFNBN5Cs&sig=Cg0ArKJSzO4RWGZyRFT9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sb3Blc2FuLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=277&vt=11&dtpt=184&dett=3&cstd=86&cisv=r20240108.10326&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 940B 		0
0
container.html
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D760 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:57 GMT
expires
Thu, 09 Jan 2025 19:54:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
noah.min.js
bucket.cdnwebcloud.com/ Frame 9E9F 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/noah.min.js?1704916501545
Requested by
Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_lopesan-es_np.js?n_o_nu=not&n_o_aut_tc=380067063&ord=1310338644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-50.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 01:39:27 GMT
content-encoding
br
via
1.1 14930ca61b5acb472c19a8d7b170ad10.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 14:02:49 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
65734
x-amz-server-side-encryption
AES256
etag
W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Hc05MDlYngnRdN5Ihu2i_nXUnrvn0FOdTdXYMsWplRCAR-eTDRV2EA==
sodar
pagead2.googlesyndication.com/getconfig/ Frame B806 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0fafebe2bd3d5c2274764e25c340e8d83a18cbee83349ffdbcab89e676e564d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5966
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6B81 		462 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDpvwEQ1Z7BARjhy6_9ATAB&v=APEucNW6rbkdNLJCf215TuZ3gx7lmLC27K4aYEM8_pr3FMFhzH2Flc3RgSWHdMQK2eskGhd1WL0SqWUBJdPKp1OTeqbxXuAf_RAgNn9TOT0vZrA4y7WwvQQ
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
89d538c36cf602eba0a7634d92b4ba8fe05a79bbd7c2721f490bcf993ba3ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:55:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D760 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:55:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D760 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DdybFip2HSZtmBobwgenbZOczdhbeoNa2_oQk2yR0GCZUD9u9zUxs_jLmFkRue_rCTde7JUUSVVbQo-ciRr4zW_uT9ATbO7Y7WKKEiyBa1NuvjtIE
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame D760 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
31365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame D760 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
38837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:07:44 GMT
l
www.google.com/ads/measurement/ Frame D760 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhO1s95Rmi14WbKcKzCcleYUAGIz4l5Vb1CgNpf50cn3enjYMRKwVRQiyz4GZzEijsdKYQyinajKTq5SnYWGnItmOzmA
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D760 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:55:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EF1 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDmbMFPaeZemsNfGD1PIP7vWMuAEAAAAAOAHgBAI&bg=!FBelF1jNAAaumcC-jpk7ADQBe5WfOEhARaKTislb01FlOS8S4sjJ_OGDkLcrIG029E5qoJzZ9a5wwzAT3j-8RcAVQdBnAgAAAHNSAAAABWgBB5kC--BLny7kBb0r83A0IH5OB5EDNd9TA-hio6ZI4AD1o0WHnfdB2kFPCHcSmng6vivjiITbjqbAMdRa6y0axUYf8LC7O3R7DhbmYQ30gKEx6JRWNFtUTRUFfuCzr5PbHHNuvi6Fbm08-cu9cjZSCRkNwSBdt5sfuaR2xsI1tna6J1wN7w8NPNHrW0k4fxtaRkAOJrUOkthQQj63MBsDzKFr66bGEmWoxk0PVoq8Ov1c5YXPkPhBWex53CxRvQa9bPlLq-1gEZz4oKD2lLpvJmYNEe6VSy1Pjf37n-6GOSD72WhZcYonJKVidK7e1rYJINoE8yL4RFfH_tRGpIDvczFR0H5fK1VHSZs37qLCD4TOWHWHN0Efihi9RVD0y0riYhUT9_XjWqWrMO4xRmXZRn5iyhbbZOvzpw2MhfZsPYlrOyNOzXAuKAWmv5Qy7VaXbQ3bmO4VYdMmpDVOcb26QJL72o_AAB0WOUVskjv2Xc-FUBhqwf4HhFv7uDr_meNDDf5AJuo15XsZ_WaZmgNlhcjCny9y7_VDgRyS5Al7mHi--nk-XgjsLdFUmRctsTDMStJXyT2s-mazvsI8IlPlCpRgbvsz7Y1WisCz42rBvDWfXCXBION1F5CDO01Ob7QJSQRcOCAu76kW7Hq1UwKla_auJwcSXnkW-Gmhm_yVwmjRl9VLw7ci3aa3FboskBnVZgBbFXIaFpX-W_oT09NZ1VwcojeEYqA_8x8vaMcDfch43Hc8CgupCAXncKsxYpF_ThMWLd9OYpxCkW-0DsuJhUFBjjYpQrM3Sny28hPNyr01FbNUHMqO_3Ur_gTZcTRxS1iZVT83wv33SgXZiPrXoJ2g7rpNIJXpWR9sFtgyO4SQp7xRaXC_HkpXDvn11waOWg0-KvjWnHxTHej_ixyFmKdldltHUzRsmuTeRu3HVZcJ8OL-TboqwjPCtaIWzaAG6toXReL3wTz_6Orl0eEAPxVMgtlv2OV-vXtfNT0jvmuSyyakWBQbtFhHPzq5qPY
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
60031878_20221006052603478_lopesan-costa-meloneras.svg
s0.2mdn.net/ads/richmedia/studio/60031878/ Frame B806 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60031878/60031878_20221006052603478_lopesan-costa-meloneras.svg
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
789bd27140047af9fdc857db7edd9c82ad0bf4bb7f0dfcfe88c1895797f338b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7807502787547214445/index.html?e=69&leftOffset=0&topOffset=0&c=p9UIehZy9I&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 07:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3477
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 12:24:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 07:49:31 GMT
60031878_20221006052600391_lopesan-costameloneras-658x1152.jpeg
s0.2mdn.net/ads/richmedia/studio/60031878/ Frame B806 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60031878/60031878_20221006052600391_lopesan-costameloneras-658x1152.jpeg
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
6afba1a11e41d2d4c6238629c5c39f4c621dc3ba946438e98996cf68a1559172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7807502787547214445/index.html?e=69&leftOffset=0&topOffset=0&c=p9UIehZy9I&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 07:49:31 GMT
x-content-type-options
nosniff
age
43530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53860
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 12:26:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 07:49:31 GMT
FrutigerLTStd-Light.otf
s0.2mdn.net/sadbundle/7807502787547214445/ Frame B806 		28 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7807502787547214445/FrutigerLTStd-Light.otf
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
9c10c88ed20928a67c7617186630e1da72909034ff10e6b86a03cad1fdcdf8d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7807502787547214445/index.html?e=69&leftOffset=0&topOffset=0&c=p9UIehZy9I&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 06:58:28 GMT
date
Tue, 09 Jan 2024 06:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132993
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20663
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 10:25:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
FrutigerLTStd-Bold.otf
s0.2mdn.net/sadbundle/7807502787547214445/ Frame B806 		27 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7807502787547214445/FrutigerLTStd-Bold.otf
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
d5fb3dde4fb8a635ced4abd35dd9a3dcab999288a46159e7aa0c2e6234e5888c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7807502787547214445/index.html?e=69&leftOffset=0&topOffset=0&c=p9UIehZy9I&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:08:44 GMT
date
Tue, 09 Jan 2024 09:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20249
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 10:25:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dc_oe=ChMIyprw8szTgwMVUHSkBB28QgfsEAAYACCjpdBgQhMIvbuS8szTgwMV9wYGAB3YDwoH;dc_eps=AHas8cA6TjDFFYU1oXOo7wW6LKhaGka4DJT2j7qRIJt8598jh3TcW958x62KKzciOPVci-dYkNna32cjdQ;met=1;acvw=sv%3D960%26v%3D202401...
ade.googlesyndication.com/ddm/activity/ Frame D5C2 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyprw8szTgwMVUHSkBB28QgfsEAAYACCjpdBgQhMIvbuS8szTgwMV9wYGAB3YDwoH;dc_eps=AHas8cA6TjDFFYU1oXOo7wW6LKhaGka4DJT2j7qRIJt8598jh3TcW958x62KKzciOPVci-dYkNna32cjdQ;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1704916501653;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D5C2 		42 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cf8wGEvaeZfmNG5PU1PIP1u2L6AeeoaGuXKH56P6fA8CNtwEQASAAYPXVxoHMBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEF4AIAqAMByAMCqgT8AU_QljP2wQT-hfbIuWw3onm_z8OECfrjxXD5Plm9rLRGEYXIAJwJZTwl5P7nzMKzh8h66smzSvEjpCEqBw7mmYizOCdQWc5A6MmktWKFVTYUCxGV2qk_tDTuTqZgGsTHqPGkWJxv8FdmlImXmz0L87b8wVrBRPNuMIKUG6w6SKI7PrbTqjJEy6uTKM0RA-diDmnDc66Eqm66fexi5oDakMf3sRRumdHNEWuyNX4kH-SqbYBtuWPA9SleNt3XOuIxvIu0bnz40HiZlR3hLVxxb8x5P2akN7wUMKvkOawDDY1RoX8-_q9hPo8ztT4e-BH-DE6vUDWvtFu_VINCreAEAYAGg8Hfkdnl7-nRAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS3ojyzNODA_IIG2FkeC1zdWJzeW4tNTk0MTY1NTEzOTkyODU4NPoLAggBgAwB4g0TCOGeifLM04MDFRMqVQgd1vYCfdAVAYAXAQ&sigh=-Q-LLmiXsk8&label=part2viewed&ad_mt=7&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1704916501653
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D5C2 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAl1flXMUsh22MhxatDmoh5fM_OqU0rznLqX9OzEGEZs4En94KzpfIZPusbroea3Ov6FVKwnElGdnzf-X5dNDzaAca2vbOCtU-Lsfnp8wAKHKfC2-IVONqUwKO8QTTF28eZykqulHWdzV6GmBBSstGl5RF7jI0d06axQ-d4Nj8RpJBo5nc8B0Frbo4qDsl-4yNKdGVd5b95ZCteFeJ9T0ro6kIG9aYelPtunGlKDfLauYvI-7rwIPFu4vwTTvF9whr36ic81lxFFtmo8wT0pVEYwvPjXNrL5hsJrui2-ZiISEP_8fSba1cHiJnUYp5yhS6wr2mIC9Q0oDVbN8b_fzU07io-ZlBkDS7MULUGlcwHE5OihQDwMYPXfVGR5rWtVZ6A4n3nQqRCbkziiKy5A7uznvRiKQtbs55ld4X-kzFPO-Vwii6ZhNX5HX0bqW7rHQdKPjysqJ2q40rWRzK6A24VghmB69n3k0V9cwjYCXus_GJZao8FefDtJjneRtmwoWSoThLQLXdcwoagEFQEYYfRdDp4LrhMT7VHEnpbecK28RNT0swPMcXqqdyENZoMMCyuRmKr3-kojVgPXSwLCbo8syXqZUU7tiKdAQftwMNNbvZVI9RsHWBN9W4Nee4hdsvCgqaWMqBN-5SMzCyZ0aSSLTtR4iAw3CdWUUT3fATzpW-5UU31m0KTzhvj-1T852o1bA-Lvr9eKDa4zlh4VfOSvkkemf2N6ZpyASPhQon_EpOeevn4y05AtKsmYmfCAbPteKN1Fo8JP6fRGNgSIOo8yMKAPU_pbfNDXTc7e68I4CreqcfxwAddzAYIDLBhf-5Gj1A0gJ1at-OQbiDU2bJKjUZrMQWU42yQSFAg8CXjQOTnpufx5kySOHkhAVYYPcX5WbxKYsMn1Hn-y0YDZgmjzsOX6cNyBuKUnKhiGEYo6652JFJPYZ6X3x6cX3FS18GVoAPTdmFAlL5chllv-NgfoEWfDPc-75R3ltB5BrODngKohI8_XGxeKBpy1A5Y5rax_H9VoU4dzsLzoYJ0yOIrEUKSMKIttlu7H4SUwYp_BRCV-aMhp8E0eLdti4S2DdAzWT8D4JGEsnKxz8FuV_eTJkM-bU12V_KlFoZNj4EhAe_Do8MIsQwp_21LUXyntT35yel3Vz9S8Q-ji0IA1HW23b-CD2XvBs3XzEDdgNHtBkZoPLY6Nznug1oEicIm6uaXvdSXx2Kg_kPIm_5P9qXUYNqw9IDlQNPLQPA0kOKrqzkNZyuXGErcJPoCD8OXflblmAaV_JYLTf5UXAWmu2taIji_stt&sai=AMfl-YTeTupPvpV2ekNHg_YgYuI8xwUG6mA0OiqWRJgAWECZ9rP4FjKpmMdrgTIvaYe8BIuBtT0ZauD6Ud32WMudQlo3i_xedrIjbWNXjE1Ej4hvwVlfXHl3RXwsxR7pGx4Kx_ytMBSJ5cp1qXAVp0DcMoinaDR8K34_qw1dye61kiWKdtnfzEBhBnl0Zi47fz2BlD4M_CGXOlQ6m882XFY68fEBwtQN529GrSrI-tG2zJYJGktTapPmscIMiP8WtWuPZRR3q1NCDDuzZKf4ps4flQ&sig=Cg0ArKJSzCR0q7knu-lEEAE&uach_m=%5BUACH%5D&pr=13:ZZ72EgAAAABtzluAS51XtfMixyBV4VPTaeed5g&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 10 Jan 2024 19:55:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame D5C2
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCtpL-5Ahjbj9j6ASABMAE&v=APEucNVwbtxnb3yBqDyGxqjTXYByxB2ak_y9jEJC2ONB3J4TBZPgXlie71jWuzubdkSy_s_4-h3lbilPstTcvY4Xu6KILak6prhI2N_BT-B4CG6ZRoqAtC4
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEDmaoitjofR-cUYZkFJSqEY&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEDmaoitjofR-cUYZkFJSqEY&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=d8a8cbc05c4cb42f87c6f0b12e632bf0&uid=d8a8cbc05c4cb42f87c6f0b12e632...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:03 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:55:03 GMT
Last-Modified
Wed, 10 Jan 2024 19:55:03 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
37c0ab46-168c-4362-a0cb-be6e000f8e9b
a5220.casalemedia.com/impression/v2/238492/85/cmffc4hn2fnck4mp19og/ Frame D5C2 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5220.casalemedia.com/impression/v2/238492/85/cmffc4hn2fnck4mp19og/37c0ab46-168c-4362-a0cb-be6e000f8e9b?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1704920098&profileIDs=&creativeID=a99300&pubID=186407&format=video&channel=site&ap=ZZ72EgAGxvkIVSoTAAL21pzq_BiWA8ZorYd7SQ
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.134 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 19:55:02 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame D5C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzwqcEvaeZfmNG5PU1PIP1u2L6AeeoaGuXKH56P6fA8CNtwEQASAAYPXVxoHMBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEF4AIAqAMByAMCqgT5AU_QljP2wQT-hfbIuWw3onm_z8OECfrjxXD5Plm9rLRGEYXIAJwJZTwl5P7nzMKzh8h66smzSvEjpCEqBw7mmYizOCdQWc5A6MmktWKFVTYUCxGV2qk_tDTuTqZgGsTHqPGkWJxv8FdmlImXmz0L87b8wVrBRPNuMIKUG6w6SKI7PrbTqjJEy6uTKM0RA-diDmnDc66Eqm66fexi5oDakMf3sRRumdHNEWuyNX4kH-SqbYBtuWPA9SleNt3XOuIxvIu0bnz40HiZlR3hLVxxb8x5P2bmNZ2G4CJ2UxSRcFSz2KL0xrhruoYdrfvRAmgjzPKxfC19GNHV7OAEAYAGg8Hfkdnl7-nRAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS3ojyzNODA_IIG2FkeC1zdWJzeW4tNTk0MTY1NTEzOTkyODU4NIAKA_oLAggBgAwB4g0TCOGeifLM04MDFRMqVQgd1vYCfdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=Y2P9iPNy_ow&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_UbCZAdtguJrBrnyAIfNMlb0CukwV5ITNyo_Oqw-1-9eWzw4U-kLwcYexYKavqvcL9UjmLJRsGAE
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D5C2 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEVo9o9wzhtoAtpPohhusQvvVQs3pkmNsj-KVfKkqMUN1FqnSGH3khRhzkMSds_owE2h9K9y65YkPrOIkXGJOLKafAFaJONk6izgQFo63FqBendRF8fN61OV3o9Uo&sig=Cg0ArKJSzHrSY9G-E-OPEAE&id=lidarv&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1704916501653&avm=1
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D5C2 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvZx5PibqfuiYl-iXEjW-wD_H-VNmROcb6YySRH8MpkyxNJfQGaEAydC2SkddqUf9mf6QeH--pfkyOrSmTy89HIkDFK5JlJWrLGxMke7iJv7aa7zgr2fkF&sig=Cg0ArKJSzAubahY8GrrCEAE&id=lidarv&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1704916501653&avm=1
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D5C2 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cf8wGEvaeZfmNG5PU1PIP1u2L6AeeoaGuXKH56P6fA8CNtwEQASAAYPXVxoHMBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEF4AIAqAMByAMCqgT8AU_QljP2wQT-hfbIuWw3onm_z8OECfrjxXD5Plm9rLRGEYXIAJwJZTwl5P7nzMKzh8h66smzSvEjpCEqBw7mmYizOCdQWc5A6MmktWKFVTYUCxGV2qk_tDTuTqZgGsTHqPGkWJxv8FdmlImXmz0L87b8wVrBRPNuMIKUG6w6SKI7PrbTqjJEy6uTKM0RA-diDmnDc66Eqm66fexi5oDakMf3sRRumdHNEWuyNX4kH-SqbYBtuWPA9SleNt3XOuIxvIu0bnz40HiZlR3hLVxxb8x5P2akN7wUMKvkOawDDY1RoX8-_q9hPo8ztT4e-BH-DE6vUDWvtFu_VINCreAEAYAGg8Hfkdnl7-nRAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS3ojyzNODA_IIG2FkeC1zdWJzeW4tNTk0MTY1NTEzOTkyODU4NPoLAggBgAwB4g0TCOGeifLM04MDFRMqVQgd1vYCfdAVAYAXAQ&sigh=-Q-LLmiXsk8&label=vast_creativeview&ad_mt=7&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D7%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1704916501653
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D5C2 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lr879jmi&c=3695354099960&slotId=1847677049980&qqid=CPnei_LM04MDFRMqVQgd1vYCfQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2095&mt=video%2Fmp4&vs=1024x576&dm=15000&umsem=0&event_name=first_play&asset_bytes=197937&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.2kn~ff.2l5~videopreviewstarted.2l7
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B806 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 19:55:01 GMT
um
sync.teads.tv/ Frame 6B81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEH9J5tvERLoKk1gxHAbNDcY&google_cver=1&gdpr=0
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEH9J5tvERLoKk1gxHAbNDcY&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDpvwEQ1Z7BARjhy6_9ATAB&v=APEucNW6rbkdNLJCf215TuZ3gx7lmLC27K4aYEM8_pr3FMFhzH2Flc3RgSWHdMQK2eskGhd1WL0SqWUBJdPKp1OTeqbxXuAf_RAgNn9TOT0vZrA4y7WwvQQ
Protocol
H2
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 19:55:02 GMT
pragma
no-cache
date
Wed, 10 Jan 2024 19:55:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEH9J5tvERLoKk1gxHAbNDcY&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B81
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NGNkMzBhZmQtOTU1My00ZmE1LWJmMmEtNWU2ZjJhMTYzOGU1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NGNkMzBhZmQtOTU1My00ZmE1LWJmMmEtNWU2ZjJhMTYzOGU1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDpvwEQ1Z7BARjhy6_9ATAB&v=APEucNW6rbkdNLJCf215TuZ3gx7lmLC27K4aYEM8_pr3FMFhzH2Flc3RgSWHdMQK2eskGhd1WL0SqWUBJdPKp1OTeqbxXuAf_RAgNn9TOT0vZrA4y7WwvQQ
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NGNkMzBhZmQtOTU1My00ZmE1LWJmMmEtNWU2ZjJhMTYzOGU1
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Wed, 10 Jan 2024 19:55:01 GMT
sync
partners.tremorhub.com/ Frame 6B81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
  • https://partners.tremorhub.com/sync?UIGL=CAESEOTsdbfE7uCr8UEUYyUgluQ&google_cver=1&gdpr=0
43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEOTsdbfE7uCr8UEUYyUgluQ&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDpvwEQ1Z7BARjhy6_9ATAB&v=APEucNW6rbkdNLJCf215TuZ3gx7lmLC27K4aYEM8_pr3FMFhzH2Flc3RgSWHdMQK2eskGhd1WL0SqWUBJdPKp1OTeqbxXuAf_RAgNn9TOT0vZrA4y7WwvQQ
Protocol
H2
Server
52.87.8.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-8-97.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 10 Jan 2024 19:55:02 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEOTsdbfE7uCr8UEUYyUgluQ&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4840 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCfiQZvZms1wh2NIZckaVclSAJE057pz7u-EwBWL-1VNdT4vy1S0adsVYvwf6psbCx1P_mWpfFJW7iI96Dw5-p9XnAJK6NGfkLlErqGuSMjG9x61qG4Utgbb48dhTr2kBnhhaaxBKHPw_4Hz3upXz2EMWP&sai=AMfl-YRFqIwaQPtRWEj802yEtDAkC-7HBhiu9dtpZFe8fnNKOPpEe3oYQslS9vnOcVQfgdaGt3bY5Ofxip82Q1LMKKuO4kok-aC6ybnToj1wniP6rnW4Yv-et0bJ2Ro&sig=Cg0ArKJSzK-cw_mBI8obEAE&cid=CAQSOwAvHhf_mdRDRegYqaydrdb0GSx-h5ZkjLFAPQ_6Yu6a82uAcPdr03XP8UhBtxJu-mA1aFaUyX63X2PmGAE&id=lidar2&mcvt=1000&p=377,226,631,526&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=853106530&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704916499545&rpt=1261&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 48D8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1788702&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4f592678971e1352cbe2647a6551a37f055e5db589d9c6215efa7b5c181cbdb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 10 Jan 2024 19:55:00 GMT
content-length
1571
content-type
text/html; charset=UTF-8
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 8AA7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
avw
neural33.cdnwebcloud.com/ Frame 9E9F 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural33.cdnwebcloud.com/avw?1600119749937&n_o_aut_tc=380067063
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.123.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-123-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 19:55:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
c1.adform.net/serving/cookie/ Frame 1295 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=9751CC68-3D62-4259-91DE-A54BCBD0BACD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 10 Jan 2024 19:55:02 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5C04 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9751CC68-3D62-4259-91DE-A54BCBD0BACD&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 19:55:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9MZSQEH2F7A31F5W09CK
Pug
image2.pubmatic.com/AdServer/ Frame FBB3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=odgEb_HbDD263V8-oNgQOqHZDTO6jAU9oNV2Sg3k
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=odgEb_HbDD263V8-oNgQOqHZDTO6jAU9oNV2Sg3k
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 19:55:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 10 Jan 2024 19:55:03 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=odgEb_HbDD263V8-oNgQOqHZDTO6jAU9oNV2Sg3k
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 4197
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4261276730387416164&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4261276730387416164&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 19:55:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d1e637ff-de42-4375-a263-375b466255ce
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 19:55:02 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4261276730387416164&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
83.173.209.251; 83.173.209.251; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3C07 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID9751CC68-3D62-4259-91DE-A54BCBD0BACD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 19:55:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4KMPGBSACBKTDZBT8NJP
mw
mwzeom.zeotap.com/ Frame 48D8 		95 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=9751CC68-3D62-4259-91DE-A54BCBD0BACD
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.50.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:03 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
843779b05bfb0e46-MXP
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 48D8
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9751CC68-3D62-4259-91DE-A54BCBD0BACD&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9751CC68-3D62-4259-91DE-A54BCBD0BACD&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9751CC68-3D62-4259-91DE-A54BCBD0BACD&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:09 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:09 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=9751CC68-3D62-4259-91DE-A54BCBD0BACD&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 48D8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=9751CC68-3D62-4259-91DE-A54BCBD0BACD&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b651756cdccbd741/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f2039597f87c217357776fc18f758fde&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=b651756cdccbd741
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7aca9bd1-4597-4ce2-4ff5-b62191a0bc99&reqId=2b0a0fab-91aa-4391-5251-ac74c814b660&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECZaeQS2s3xcmeDAfYBwOpQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7aca9bd1-4597-4ce2-4ff5-b62191a0bc99&reqId=2b0a0fab-91aa-4391-5251-ac7...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESECZaeQS2s3xcmeDAfYBwOpQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7aca9bd1-4597-4ce2-4ff5-b62191a0bc99&reqId=2b0a0fab-91aa-4391-5251-ac74c814b660&zcluid=b651756cdccbd741&zdid=1332
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Server
104.22.50.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
843779b6586d0e46-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESECZaeQS2s3xcmeDAfYBwOpQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7aca9bd1-4597-4ce2-4ff5-b62191a0bc99&reqId=2b0a0fab-91aa-4391-5251-ac74c814b660&zcluid=b651756cdccbd741&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 48D8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
9751CC68-3D62-4259-91DE-A54BCBD0BACD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 48D8 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9751CC68-3D62-4259-91DE-A54BCBD0BACD?gdpr=0&gdpr_consent=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.111.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-111-87.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 48D8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9751CC68-3D62-4259-91DE-A54BCBD0BACD&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9751CC68-3D62-4259-91DE-A54BCBD0BACD&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wSNq6exE2uUGt98Hv70Fr91xVcGkWTU-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wSNq6exE2uUGt98Hv70Fr91xVcGkWTU-~A&gdpr=0
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wSNq6exE2uUGt98Hv70Fr91xVcGkWTU-~A&gdpr=0
date
Wed, 10 Jan 2024 19:55:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
activeview
pagead2.googlesyndication.com/pcs/ Frame 9E9F 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8a5Ov1J7ep6G3T_SI9RAVnYPOOkqOkKwSL4jDzVbmB5DAHwRMd2v1-Lb4BSbQAReQ0HyP9hVY60xhm6mvnMTNXWwnEy5DXcqkXWcrInzaStzXdgmp4MWHFqHsVSrLduzULC-6-P9nwHQAwuuuBB2TgiJr&sai=AMfl-YSeplhlhaFCoOFEJX7WID6Vk4abyxPIY2BBG9IYaqsqWwWpPxye5wuHutalm7Hm1LFF5fTHMH-KCZq2TZL51p9BDkpFYbli8HsR8-yARZpKGQYHwuigRMB2HFE&sig=Cg0ArKJSzPekrWjyFO0oEAE&cid=CAQSOwAvHhf_lS5461xhOLS19vg8sk5nIumJpvjvV5Xo8eRXX9o7RjoVaQ4UPXP2kj7x5tiR--23l0qzaQZ0GAE&id=lidar2&mcvt=1001&p=1094,315,1344,1285&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=0.42&if=1&vu=1&app=0&itpl=20&adk=1905034420&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704916501167&rpt=200&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7E93 		0
0
container.html
8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B5E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:54:57 GMT
expires
Thu, 09 Jan 2025 19:54:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4840 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1908059907729&version=m202309260101&ct=76&x=1&cor=9137077900017383000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8EEA 		487 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CISfMxDJgrgCGOiqgfQBMAE&v=APEucNVfDMkfoG1IGIKGPcYNSnk1WDFBN1OogvhX12Jvw84rIOYA-Lx10KxZZL6yuYHKPwi6x707x6XzqyFK7J1IFrBDXIo_HWDZDXnf4k1n4idXc-Jd2VY
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
fc48643d0ba513aedf1c305b8a0f9c72f2a73d935ec52ca53bec89ca67758201
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
220
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:55:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 3B5E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:48:40 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 3B5E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:04:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
85862
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 20:04:00 GMT
view
ad.doubleclick.net/pcs/ Frame 3B5E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvXXDQG6tSOmbsz3HXdXVahoLDmsPZTpKW4PDAUEoM6IxSLJukfOnAiio-WfZ17NRpkq7KnZzAAU4MPg3T33692gMKesJI3uWYnotT0MQde3Z3qBOUwT0UqQP5RAOMr7O2jRVbKDCx_V7viavoVIockQ60n6GF-K48vEwApCnKKS8Bet86ewmpEM7PAn3xnHrB9JK90EbyDMXjApJIZUXUQTJuxGDaB_65g4t9SXVooYsNO25Zjol6ldVVrCe3nX493OGzQqUdoeldgNnQF670p43tUMJPAj0TxpCiRkTDnj9g5wOPaaJ2xjox2HyND0tTZ0L069Fvh9FqJLxGD5X7Ls5WJiuFnRM5A6k5B0bZQFdIy1ajCiCGbJTJcu5myqwnjYXzgkPgmkehOHNNYqR9EsX9pj62bM2blH9ug1Btp2NiaHdnKjVAQ27sxX4T66LOm-P61FGf2flE2_TbvzzfFdVpUCbIU_5giWhSWpXBECX-z84iS40O_i9001DyZqhnIXIEQcNdE4uWKCyx6Ct0uNEf8CdrTFtWgjbbSI4XGOQm_-eQUwY-lXzNf6kxsGZUAIYfDOCVPIDP5JzZX78Uqt-v6YLqP7fkD4Jyufs6amM0stDgyiZDZm3FfUHSe_L4FvSuMFVrtW5Mb41LwlkvuZbzW-muMpWF3TbhiZ4zYKlwpCliWMjC_Rgi5tJ7QxcP2rxnX3Gco7ZsnQF10KEXLCWG45cCbVbHB_7fIOAfC-bJzuarQjgADrSZ5XdeZ7Trmihv88q6l1h-JeX_L9F-VCDtGiM01VH90eng3TuJ4yfJBPHoGUQPgdKx2JgPB4YO9wzf2ctn0nZe_q4_bbMC5XbJrofwZdVU5btcDkmYFOEhOvE93F-WnC03CbjlTxzB1Fo7i8bcebgnwuu_zhMufBVPpumzfVfgf7JH5EfYOnFttRBj5ZxI1aNm-Gdv9uqSiUIZbO9S0-Gaec4a4T_MTjmKWlGBD7eKiW6To9_SK9xNZLHliowLPD_kPSD20pDaNQ6dH8BZQaNs-uTC9sCuR8TDrOFk1VZRYPyEpIaA9OaqT8waaiVgn1AUDQId9ogpNACdnHKHRxtLnUM2TnBc6jZ2YJCJBHjBf2Ju5NJ7CPL2K9mjhA3Je5rNjB-VH45ZvZ7f6fmBxW2tI4jl8kxrm_s3FjsJWGvgIExk2O1NNsN7Rpaww7twFpw5NZUTHFyaBk1yLtNUqKbiLnLspzOUEbK_s039HmA1bzOO2Hnd9igeRO4BzdOwBMvL3-ZlxPaSvTgzzFhxtDqxRawn0rPPItn7mwycnxBUEBlV6vvci1L5MvP_MTz_rC3mngcNScZ1MCnsfOFC08ijE7lWnBXQ1zzm4IjvqCNr1O6SOmUPFfcfbVhthA940GyaLMLEa7-c9Ig-1upbycdEHu5mWLKbEamB5p3kyFHzXzt0&sai=AMfl-YRXbRnxWnB6Pkmg4bl-Ql4CDwCmsvUeZC6d6dTlXJA9bTqVeG3PfNlxFSkd0oHJ9EJ9kPOpHl1exTmpj5kBMkA6SkRnQYIGnO9H7_hyEzns9mvWUyIT9cX9mcreBR4eTwsJohXjv3Q-_44k27cGMVh03gLJPsftv2f_2SRvPFE9xcSEMpl6yzP2NsMwziwx9BA7r5ANay1fAQtxNHdfePzkuzrmhoh9E1V-_DbxBBzaGgKj2PxMja_enRlfwDsCoXgrjQ-Z6xlWQL7SCFRTjxKiqDHUUIT9IL1VqILFyD83Poa-QIHXsZQQRilSJEoJuc1g1GBS5lhZCPIOTbrfJVdo9chKTTVM61MjxJvin6eQOuRe2cHazhFHV6QEFRf-vLFixbmkXt-vzgXQo4tuvXBvwO45J8bL2_ooH-w&sig=Cg0ArKJSzDQ6x1_yPUEbEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nYWxheHVzLmNo&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240108.93885&arae=0&ftch=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 10 Jan 2024 19:55:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3B5E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
108346
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 3B5E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
31366
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:12:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A048 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
38492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 11 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 3B5E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
38838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:07:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B5E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DhgyfPkqR148fZzLq6jPequ_TsjgqLlLdtp5DddISIm3g8K5l1yu5Hg6J87yD4Yb8BPLXeMl2D4KwmI3J30C5_HTpIoGJhLFeUOHjRkd6aGfAid9w
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3B5E 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 19:55:02 GMT
4569331334477011343
s0.2mdn.net/simgad/ Frame 3B5E 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4569331334477011343
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
6c9b6ade974a8bb123931e0d2d9e08f5e8ee2d89efce99a8558a4fb8a610fa33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 07 Jan 2025 23:02:51 GMT
date
Mon, 08 Jan 2024 23:02:51 GMT
x-content-type-options
nosniff
age
161531
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8655
x-xss-protection
0
last-modified
Fri, 18 Aug 2023 17:01:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
partner
sync.search.spotxchange.com/ Frame 8EEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESENRrd8F8pvKnIJObKrF4Hzs&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 8EEA 		0
0
pixel
cm.g.doubleclick.net/ Frame 8EEA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1IN1lqR2c1RTJ1RldMWndXM19MemJyMENzbXVpd3dCNX5B&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1IN1lqR2c1RTJ1RldMWndXM19MemJyMENzbXVpd3dCNX5B&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISfMxDJgrgCGOiqgfQBMAE&v=APEucNVfDMkfoG1IGIKGPcYNSnk1WDFBN1OogvhX12Jvw84rIOYA-Lx10KxZZL6yuYHKPwi6x707x6XzqyFK7J1IFrBDXIo_HWDZDXnf4k1n4idXc-Jd2VY
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1IN1lqR2c1RTJ1RldMWndXM19MemJyMENzbXVpd3dCNX5B&gdpr=0
date
Wed, 10 Jan 2024 19:55:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame D760 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8210243507259&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D760 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8210243507259&version=m202309260101&ct=132&x=1&cor=14445150416216791000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D760 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cj10ohIl3prs1XXx9Z99G2zv9uotv5nMjaRXN9tJICQ7aVR78vUm9dC60xa_ihpAYXgu7x9e_G_z4LIlWUtaaHzX2IdJCtQUIJeSFFmpEw7M4AFqF0G-MkLlj8Zf3iXBCmfYOUFFuaePPV1b106Fj5Jiasx_wcKWOwVUEGO5rNjULlrlGFem5hsRZ9Dzy9KBmjtzUS&cry=1&dbm_d=AKAmf-BmZ6vDGQjP6xcV8KGIGTU39eotSkksGYLZWkXs2Gwzvfxc7K5mibmfx1j7zY8SS02QVx0ZnqAw1K0ug19gLRqS_xZXDrSaTowz-HfDsDeGwNxCwCWuFYMLTvALMhlXpvS_5ZqYKvh6nkFh_OMfsdWaoKeayx69buxz8ff9I4x0-FKQUJuo5pi4INDkSi9VAgioJHEXfkAVEIo1s4BVj7kL6cSNp5ErmwvLJNlYzwu9bbUwdilk1YgykzHiA8BJJ4_AXcez7LEEvCpeGypvLDjU18KQKcSES4QKNYDlXymXejJ04MqViToHn2ZoQmPPGmS0zv279aY_dWVffuHt6smeB14Lj6uxx0Q9aHz-1neyOAWboOlIdbqvICq2ygnNQkKuDoqCGAXMYj40gI9f7zLFQvYbOm7am19J2tVUGXkO8hKRiYPz0NbSnwaqLX-hBz4JQ7hdToEYTu9AECRtqhrT7JRJshelyFfUCXg-ghOxfDVTvd0hqgrcTWWjQe4bOa_CoVSFdOo_EAjNjE63ZWMCgRDzl3H1JH7x7WZxen_LR_nJFkrIYWoVM664IkfB25JBlYmGpF_0J8ER2WbuxJZGfc8HP-Vv3I4MkePXv8kRMVGr5ZbmydhthhI-wXEg1H1Tep952MD_d4A8DwNw0lWhtwYIDRfiLOxIXRQux1t-z-lXz6vK2x4hscMnIdSuxJbFUeo9En4ufDdARuo3eNaiVbdnUEp4eaGB0gr2TRoBvv1Y-WdpRXLFGENdNMBA2HUTOTIjrp1tvZPQfRTyQdPoKjfJSzrdRb1Ehpq3qpayTrJ1mNBtM7bjZkzPclKTDZ-Shs8DVRmVLYrfqPDIfZF8WVd2KPHp8zzkRC4QVHb-m45ra_E0vB9YcUtLdizMzH9OkYeO_z7k0o3O9OecosUwNoHOpOxfGPtQhuNtOX4BriYNBFXanMv9Cu7fb-ArvZMefH5_PsrnUrkCQ4uJFWCkVyxcugJkvFhUWrM9sIGUVyoQPi2F2gnjC2QEgIMcyQlaHLb5EughXzf4sJYucpy9vhiNPbX9Kfte8EHZduGq16Q6lZAXd2lq7jefIaUBo_bygPajo3-FGBxRNoJNSgE-6MCt0QvhzwsdmSBvrn1FeS4w2fs3ja91BK32nrGHO1X6QmyvufCuR9jcxfBOcNnu1hPz5Skmy8YX2gC3hYF1TiNxWBlgX03lMOr-5lUomD1wkira-h7tK_LyBrq56j42l3tAMynfDHGjMUrbfTBqbCseiXPHnwlkjTEVvgd_Uj7JjwLtk2jJQRXsWoE4G-sWzs4UTVEEJ1PvHMF-g4RP-KOn8ISNqzy4oGbjStXk99Gf1iRcSCfJbny7sZ0r3XWixeZqlv80Q_92b23D2AZZqZHUS4RIAg2CtUow_OPWunMDEdKZIejCYiXfh4ANWBWUXJR-8df00lJi_uuMUEqwqG8xAhlhY2STW4uMAcTzQlrk6i9ciFuNyPpMO0ptPXhqC75hNWZLVUFBo01ww7lGU_iklyDc9Gp2E9hcCZAt9YmTBjgUIGzheCRhVDQnG9pTDDhDeWpGN7Edy-1wHTWr2jv3HgHa6cx2zgoJyhxrbYPt3Y0fy3u6chy7iYUwJrKBGV_1PTw31gj_k3eMueQ-QvdC4sOzHKpPDqsXDlrK_0bT19oAkAv35ar1u27x8UPIq8Yib1WmNMSOueetNKWdCgEC6ym7IXP9qbo6vgMGdk8MhDZgFcpA0eno294dsE59Jd_PlWDrKu6_08VByQuB9AvnvmfK_ALUjva9GTSfPydK7fYugc53BRr16hYOCFxhqhnERi91q9clmS7XkMlw-FpHupAzfcrULQ4OuQRpn0g4bf9lmJor9brgmUcQls88v-GEskbsCyAbAEMCGOvFdceN4SoU54ndLXmdMTQ_rKWwG2vsJtB8DwCzT1D8OvvbzJLmbkH6pmfWe1wiS9hG1KLsP0L3H4Z2iRLdO5Xc-t7XaDInCpTSIoVYHOSN7Tf35mo9ZiZH2euXhAt1RVMKAR0B73tnYP-eBfDF3kVsDb0eIpJoOWSobLj95kSJ4q-z7864cmYY6sckk_LQ9gM2T3mTHCWfUSn28LhPDwG5nRFKrSnlpqG4tzachX90jbDxFzmZGKymyN7JaAySVLGOwFAGCM2ftpL0HFRUp04Se_SbNVLrv3Ts2DageluqveuVLGJwp90OOP7slf8h_rE59kUiwH72t3RtrAh9fAoGhBERb2hdoiBriwvbH6I4SX23xtNb4imFXRRsRDD_XJJ7vCxOlyolKnZETc5DA801D-5oW6VhrCYy_ZxHaDxYO7BbC8DqcbeUjKAyepx9bDPjySo3hNXg7AZLKEXYzSzwYtP8mbWvxUgM_PYs_Mz1xEBRpzUqcFltTcD7oODzZKmbbu_qAZ-VLwKloM5ViQtp7Nm1kSKsA_yg4jjYOkL6AcHknBFtkA7h44qY7sMQpBn7R4I_79OqXNkMCAYDPIMyaaiw5cgFW8mP_kJUbLuxz_nKXRj3W5iuupCDAdkYUqCgqtdMUY0IFpAdY9wOmwtezs57eC9NN_SHAf_gqF1zg8wufr7UfSHOJVmXYoTdGKRgEvql48WV9SJ50Kz32wVnxVE_1rYtuszqd-2nKe2uDA_Ud-fOQVe3gr5mydncPRjoVmOE-0GiIjL2XAqAkg9XSrL-J1wi2Ppnpb23ZjUrBlMYX1nRFQTcObvey5bNRMlpAydOQ9smz9vYo7zMbgsdHlb6pA2o43ri099yk_OTJ_gzHQ7yLrWJepvxiqjXIEuhdyHFIMqVwcOGsBwqPtFPxZNjFzLqtHgydlmm-y-oLSqqFmDZMKwn8w1x8x5uqh6bIFUvxbOWJUlkyAVocGurztsuD9PmVPewNlLD4xbgvL7dpCspXZn65fv-9ZfzrK8PX3Rz0MSn1UVTyFqSusAf5mLDQzrYq8VF7gX-mH1MxTFC-4mRhELgeRl_ArYb7OAOBfWjg5H56ta54Zk2veX8j_0z8b4gNFtFKkzjqeZTNQYa6Y7_bE0nrvHcswmh3E82EjIR217VNmls8zmWtnXmKBvCO-GhKlyDU2aaq0Ud6wctkT7ipYRqxINqzHVgtKaPUdBenQRKSLkOwDcMUkw1BC--qK8tmMbHCixddFMONAbd59lDDZL4iQoL63Ky_T8ubjJFmWE4atikrkXmd2Szvh7sKjswh8fCLPdajlQTy9dh9Nb_YuHYlOaXVhiQAf63hwYhUGAQjyorh9zoLmwKM4yIX_VRnvpfCw1G4mYbLxnRCS-xqZFGGWHRoeiOXam7RSt1BpWkQT_pGPjftg50N2AaV7TC0-rhlDCnoDOGXDNE6hwTgfH_-ToZZFB_2S0__7xje58oDbCFxfwQ0aoWkw7tOZKiKoslF0eYNCQVXYdMLtVsSQR5JFQtbXLEu_-J7_NJ62sKfM5tb_Cg6DBNv98GUWC4KmOVDRkAylBDqGaZIKuduajf36vdrKSQiQBmrsFpXem7CFYPCdLcWlOhagq02yCRhE9wVe1siv3_Q7gSarLH60u64rG_7biL-MW5PEnXUKIp1ZDPE_2wW15kiERKDWvYra-1PJjw0iC_H5FzkvnaHVw6vSZJi5bOtddMUbLGsmVKl9OUN2PhsQHy7TbH_9Rsueb_abSWaG7vZ4nK8AbR0gn-HPBvFMFXmqlRF3eMn5et5AJnGtlwLptx3nf3VAyYbfUt-qhXU33no8xyQ5G0A1iA5MrW4p1vZGcbcBKi86Hrt1m7o00rBIrwZBWtqvLvNVolr8qU2njS-m3ISbxbg7y-VjnBglPKS2jV2_zFLttg9nJvvzulYJSEKlUwBA1kAwmDwYocU5MCzFdMp6ezSw_SKee9j-dhtvnq4xPv0aeAS8kQO4M7NzjC5pJbbTEZu0nexRMWfZ42hnHJw5YhXE1yq1dZ6wjAezyxYTjZ76f1JZ9NoluyLhDof_hA3iYwQeWFBltHV5JhbBe2wDG5ubfRzd5gDiMzGANri6k9qA5UvDqpAbsK5RQbOXgo_wJt&cid=CAQSOwAvHhf_7s_8NyiZpl3Qr591SyOspludZsqHQlw9O0hbUyk28Zg8EcsXos7MudNSh_Ma33jY5kK-39NxGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgrabify.link%2F&ds=l&xdt=1&iif=1&cor=14445150416216791000&adk=3690638928&idt=1153&cac=0&dtd=56
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
4e70a90172dd2b2a28a2e74cafc507ace479dd958af8a22dc09c2554ce45fe6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39339
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VIH0E,pingTime:1,time:2834,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:39%7D,%7Bpiv:100,vs:i,r:,t:1833%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1833,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1823~0,1~100%5D,as:%5B1824~300.250%5D%7D%7D,%7Bsl:i,t:1833,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:334,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sis:658%7D&br=c
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VIH0F,pingTime:1,time:2835,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:39%7D,%7Bpiv:100,vs:i,r:,t:1833%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1833,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1823~0,1~100%5D,as:%5B1824~300.250%5D%7D%7D,%7Bsl:i,t:1833,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:334,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sis:658%7D&br=c
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
ad.doubleclick.net/pcs/ Frame 3B5E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvXXDQG6tSOmbsz3HXdXVahoLDmsPZTpKW4PDAUEoM6IxSLJukfOnAiio-WfZ17NRpkq7KnZzAAU4MPg3T33692gMKesJI3uWYnotT0MQde3Z3qBOUwT0UqQP5RAOMr7O2jRVbKDCx_V7viavoVIockQ60n6GF-K48vEwApCnKKS8Bet86ewmpEM7PAn3xnHrB9JK90EbyDMXjApJIZUXUQTJuxGDaB_65g4t9SXVooYsNO25Zjol6ldVVrCe3nX493OGzQqUdoeldgNnQF670p43tUMJPAj0TxpCiRkTDnj9g5wOPaaJ2xjox2HyND0tTZ0L069Fvh9FqJLxGD5X7Ls5WJiuFnRM5A6k5B0bZQFdIy1ajCiCGbJTJcu5myqwnjYXzgkPgmkehOHNNYqR9EsX9pj62bM2blH9ug1Btp2NiaHdnKjVAQ27sxX4T66LOm-P61FGf2flE2_TbvzzfFdVpUCbIU_5giWhSWpXBECX-z84iS40O_i9001DyZqhnIXIEQcNdE4uWKCyx6Ct0uNEf8CdrTFtWgjbbSI4XGOQm_-eQUwY-lXzNf6kxsGZUAIYfDOCVPIDP5JzZX78Uqt-v6YLqP7fkD4Jyufs6amM0stDgyiZDZm3FfUHSe_L4FvSuMFVrtW5Mb41LwlkvuZbzW-muMpWF3TbhiZ4zYKlwpCliWMjC_Rgi5tJ7QxcP2rxnX3Gco7ZsnQF10KEXLCWG45cCbVbHB_7fIOAfC-bJzuarQjgADrSZ5XdeZ7Trmihv88q6l1h-JeX_L9F-VCDtGiM01VH90eng3TuJ4yfJBPHoGUQPgdKx2JgPB4YO9wzf2ctn0nZe_q4_bbMC5XbJrofwZdVU5btcDkmYFOEhOvE93F-WnC03CbjlTxzB1Fo7i8bcebgnwuu_zhMufBVPpumzfVfgf7JH5EfYOnFttRBj5ZxI1aNm-Gdv9uqSiUIZbO9S0-Gaec4a4T_MTjmKWlGBD7eKiW6To9_SK9xNZLHliowLPD_kPSD20pDaNQ6dH8BZQaNs-uTC9sCuR8TDrOFk1VZRYPyEpIaA9OaqT8waaiVgn1AUDQId9ogpNACdnHKHRxtLnUM2TnBc6jZ2YJCJBHjBf2Ju5NJ7CPL2K9mjhA3Je5rNjB-VH45ZvZ7f6fmBxW2tI4jl8kxrm_s3FjsJWGvgIExk2O1NNsN7Rpaww7twFpw5NZUTHFyaBk1yLtNUqKbiLnLspzOUEbK_s039HmA1bzOO2Hnd9igeRO4BzdOwBMvL3-ZlxPaSvTgzzFhxtDqxRawn0rPPItn7mwycnxBUEBlV6vvci1L5MvP_MTz_rC3mngcNScZ1MCnsfOFC08ijE7lWnBXQ1zzm4IjvqCNr1O6SOmUPFfcfbVhthA940GyaLMLEa7-c9Ig-1upbycdEHu5mWLKbEamB5p3kyFHzXzt0&sai=AMfl-YRXbRnxWnB6Pkmg4bl-Ql4CDwCmsvUeZC6d6dTlXJA9bTqVeG3PfNlxFSkd0oHJ9EJ9kPOpHl1exTmpj5kBMkA6SkRnQYIGnO9H7_hyEzns9mvWUyIT9cX9mcreBR4eTwsJohXjv3Q-_44k27cGMVh03gLJPsftv2f_2SRvPFE9xcSEMpl6yzP2NsMwziwx9BA7r5ANay1fAQtxNHdfePzkuzrmhoh9E1V-_DbxBBzaGgKj2PxMja_enRlfwDsCoXgrjQ-Z6xlWQL7SCFRTjxKiqDHUUIT9IL1VqILFyD83Poa-QIHXsZQQRilSJEoJuc1g1GBS5lhZCPIOTbrfJVdo9chKTTVM61MjxJvin6eQOuRe2cHazhFHV6QEFRf-vLFixbmkXt-vzgXQo4tuvXBvwO45J8bL2_ooH-w&sig=Cg0ArKJSzDQ6x1_yPUEbEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nYWxheHVzLmNo&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=299&vt=11&dtpt=298&dett=2&cstd=0&cisv=r20240108.93885&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 76E1 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
106464
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3B5E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08d23b6bda160d3543c4d2f34d302c6941dd0dd70b333a5b02c671ed843dd380

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame A048
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG9Oo0cyBzRRS3fPbQWTpOg&google_cver=1&google_push=AXcoOmR0VVSje-vKuHMr1ITEHUmXGLSC8tLynwHWaQB2fbJ6zQJL9fp24K...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmR0VVSje-vKuHMr1ITEHUmXGLSC8tLynwHWaQB2fbJ6zQJL9fp24KMiJU8_TgNHcu1_JQ1f4arRCSFjLdJSZeUpRdWH0Zek&google_hm=0sbyh-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmR0VVSje-vKuHMr1ITEHUmXGLSC8tLynwHWaQB2fbJ6zQJL9fp24KMiJU8_TgNHcu1_JQ1f4arRCSFjLdJSZeUpRdWH0Zek&google_hm=0sbyh-QraODUBZqex4TVmQ
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmR0VVSje-vKuHMr1ITEHUmXGLSC8tLynwHWaQB2fbJ6zQJL9fp24KMiJU8_TgNHcu1_JQ1f4arRCSFjLdJSZeUpRdWH0Zek&google_hm=0sbyh-QraODUBZqex4TVmQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame A048
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL0NQ3GcL5x8NvZJRzt6UPM&google_cver=1&google_push=AXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJx3...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL0NQ3GcL5x8NvZJRzt6UPM&google_cver=1&google_push=AXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJ...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL0NQ3GcL5x8NvZJRzt6UPM&google_cver=1&google_push=AXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJx3g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJx3g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
843779ba0eb0bb00-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1806
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL0NQ3GcL5x8NvZJRzt6UPM&google_cver=1&google_push=AXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJx3g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSisMe55u8R1KE7X8TMlMbumLM7iWHDBcXb7ebhFt1YtgjK4BiRKLPKMbra6hh08Is6LvKTZvBgmPeeHER2utYAmTKWIPJx3g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
843779b7fb1abb00-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A048
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPPJxPiWJj01Tn_lyoUZ0NE&google_cver=1&google_push=AXcoOmQ33oJIbWo4g8yvPRPEWfG1ZDJcKwuCWzMhwZLKCVbuwKgSCVxn_WMMCSuiHx3nohYSGaLYezxW9Br...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQ33oJIbWo4g8yvPRPEWfG1ZDJcKwuCWzMhwZLKCVbuwKgSCVxn_WMMCSuiHx3nohYSGaLYezxW9BrSf6avt9GRCypYUicf
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQ33oJIbWo4g8yvPRPEWfG1ZDJcKwuCWzMhwZLKCVbuwKgSCVxn_WMMCSuiHx3nohYSGaLYezxW9BrSf6avt9GRCypYUicf
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQ33oJIbWo4g8yvPRPEWfG1ZDJcKwuCWzMhwZLKCVbuwKgSCVxn_WMMCSuiHx3nohYSGaLYezxW9BrSf6avt9GRCypYUicf
Date
Wed, 10 Jan 2024 19:55:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame A048
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMkjpJpXfkCgyCCukyWZGdE&google_cver=1&google_push=AXcoOmQdLVWDixISbglyfRMNiZuI-0wpUcjTLbY45PgbHNyzlHTIMofLapthBgjP-VcEyyrv11nAIe5Omas28CCD85g7jW-...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMkjpJpXfkCgyCCukyWZGdE&google_cver=1&google_push=AXcoOmQdLVWDixISbglyfRMNiZuI-0wpUcjTLbY45PgbHNyzlHTIMofLapthBgjP-VcEyyrv11nAIe5Omas28CCD85g7j...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQdLVWDixISbglyfRMNiZuI-0wpUcjTLbY45PgbHNyzlHTIMofLapthBgjP-VcEyyrv11nAIe5Omas28CCD85g7jW-fO9bb_Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQdLVWDixISbglyfRMNiZuI-0wpUcjTLbY45PgbHNyzlHTIMofLapthBgjP-VcEyyrv11nAIe5Omas28CCD85g7jW-fO9bb_Q
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQdLVWDixISbglyfRMNiZuI-0wpUcjTLbY45PgbHNyzlHTIMofLapthBgjP-VcEyyrv11nAIe5Omas28CCD85g7jW-fO9bb_Q
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame A048
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDM2JUcXv0J_7F_jkujkOno&google_cver=1&google_push=AXcoOmTbEME6VnQdDugPg5wO1Ypy_riaPKfbgWlBNXVNK7uVvN9hOh0yUlNmZ_O8MxzFZZCB0bTLsnHH...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEzNzM0NDYyNjgxMDkwNjUwNQ&google_push=AXcoOmTbEME6VnQdDugPg5wO1Ypy_riaPKfbgWlBNXVNK7uVvN9hOh0yUlNmZ_O8MxzFZZCB0bTLsn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEzNzM0NDYyNjgxMDkwNjUwNQ&google_push=AXcoOmTbEME6VnQdDugPg5wO1Ypy_riaPKfbgWlBNXVNK7uVvN9hOh0yUlNmZ_O8MxzFZZCB0bTLsnHHbkzGycJaH9B7d7a6FilbNQ
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEzNzM0NDYyNjgxMDkwNjUwNQ&google_push=AXcoOmTbEME6VnQdDugPg5wO1Ypy_riaPKfbgWlBNXVNK7uVvN9hOh0yUlNmZ_O8MxzFZZCB0bTLsnHHbkzGycJaH9B7d7a6FilbNQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame A048
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmSHLThVSRXU8...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmSHLThVSRXU89X1y8BUV64WGJXctA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmSHLThVSRXU89X1y8BUV64WGJXctAJbgOlScAXGZNhFbBBGTsKiKmamrbDG7VW3Xsix74MMFQpiS-AGwZx_mmhsiOi3Dl-bgIE
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
an-x-request-uuid
4f728473-0006-4c96-a15e-46d9b12592f9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI2MTI3NjczMDM4NzQxNjE2NA%3D%3D&google_gid=CAESED3d6ARe9ev9UoVH1ezJvy0&google_cver=1&google_push=AXcoOmSHLThVSRXU89X1y8BUV64WGJXctAJbgOlScAXGZNhFbBBGTsKiKmamrbDG7VW3Xsix74MMFQpiS-AGwZx_mmhsiOi3Dl-bgIE
x-proxy-origin
83.173.209.251; 83.173.209.251; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A048
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHKpzEXQXayS0D4dy7MTrRw&google_cver=1&google_push=AXcoOmS91GfRrTQ9JZ06reghqK9PV1Pp47WPIgG5AB9GkGkAdo0GTqBWc4UxFlbDnCu...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS91GfRrTQ9JZ06reghqK9PV1Pp47WPIgG5AB9GkGkAdo0GTqBWc4UxFlbDnCuVPZNIma8nmoghaVYUCj9VuuEI_2lVR35XWeY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS91GfRrTQ9JZ06reghqK9PV1Pp47WPIgG5AB9GkGkAdo0GTqBWc4UxFlbDnCuVPZNIma8nmoghaVYUCj9VuuEI_2lVR35XWeY
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
5114ed0.d89d16dc
date
Wed, 10 Jan 2024 19:55:04 GMT
x-bytefaas-request-id
202401101955047CF87E1C9181EC74F3CC
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401101955047CF87E1C9181EC74F3CC-4FE1FC476341BD7F-00
x-cache
TCP_MISS from a23-54-206-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-parent-response-time
152,23.54.206.12
server-timing
cdn-cache; desc=MISS, edge; dur=165, origin; dur=9, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401101955047CF87E1C9181EC74F3CC
x-cache-remote
TCP_MISS from a23-55-171-75.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS91GfRrTQ9JZ06reghqK9PV1Pp47WPIgG5AB9GkGkAdo0GTqBWc4UxFlbDnCuVPZNIma8nmoghaVYUCj9VuuEI_2lVR35XWeY
x-bytefaas-execution-duration
4.46
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
010c91f137b5b88b85169fc9e6884b441af746f6e9bba1e3447cc29f887d9ca73fd2f0c7297afcc3eb554c9f81d7e1d347b2bf46950f6af9398febcd041d2e32673542a3961e4914de769c9b85d40a26467e9c89a12fb83cb992366dda564d8b837fa2e86eb3dfc90f7cc9ead078c252ac
x-origin-response-time
9,23.55.171.75
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Wed, 10 Jan 2024 19:55:04 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A048 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKdX-wHRQrwsZaDVz0Z3OgD3i_FGGEDOMZHTGB5a0JVbPEZj308hMuI_1_ydcw13cXMcb_3xE
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame D760 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame D760 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cj10ohIl3prs1XXx9Z99G2zv9uotv5nMjaRXN9tJICQ7aVR78vUm9dC60xa_ihpAYXgu7x9e_G_z4LIlWUtaaHzX2IdJCtQUIJeSFFmpEw7M4AFqF0G-MkLlj8Zf3iXBCmfYOUFFuaePPV1b106Fj5Jiasx_wcKWOwVUEGO5rNjULlrlGFem5hsRZ9Dzy9KBmjtzUS&cry=1&dbm_d=AKAmf-BmZ6vDGQjP6xcV8KGIGTU39eotSkksGYLZWkXs2Gwzvfxc7K5mibmfx1j7zY8SS02QVx0ZnqAw1K0ug19gLRqS_xZXDrSaTowz-HfDsDeGwNxCwCWuFYMLTvALMhlXpvS_5ZqYKvh6nkFh_OMfsdWaoKeayx69buxz8ff9I4x0-FKQUJuo5pi4INDkSi9VAgioJHEXfkAVEIo1s4BVj7kL6cSNp5ErmwvLJNlYzwu9bbUwdilk1YgykzHiA8BJJ4_AXcez7LEEvCpeGypvLDjU18KQKcSES4QKNYDlXymXejJ04MqViToHn2ZoQmPPGmS0zv279aY_dWVffuHt6smeB14Lj6uxx0Q9aHz-1neyOAWboOlIdbqvICq2ygnNQkKuDoqCGAXMYj40gI9f7zLFQvYbOm7am19J2tVUGXkO8hKRiYPz0NbSnwaqLX-hBz4JQ7hdToEYTu9AECRtqhrT7JRJshelyFfUCXg-ghOxfDVTvd0hqgrcTWWjQe4bOa_CoVSFdOo_EAjNjE63ZWMCgRDzl3H1JH7x7WZxen_LR_nJFkrIYWoVM664IkfB25JBlYmGpF_0J8ER2WbuxJZGfc8HP-Vv3I4MkePXv8kRMVGr5ZbmydhthhI-wXEg1H1Tep952MD_d4A8DwNw0lWhtwYIDRfiLOxIXRQux1t-z-lXz6vK2x4hscMnIdSuxJbFUeo9En4ufDdARuo3eNaiVbdnUEp4eaGB0gr2TRoBvv1Y-WdpRXLFGENdNMBA2HUTOTIjrp1tvZPQfRTyQdPoKjfJSzrdRb1Ehpq3qpayTrJ1mNBtM7bjZkzPclKTDZ-Shs8DVRmVLYrfqPDIfZF8WVd2KPHp8zzkRC4QVHb-m45ra_E0vB9YcUtLdizMzH9OkYeO_z7k0o3O9OecosUwNoHOpOxfGPtQhuNtOX4BriYNBFXanMv9Cu7fb-ArvZMefH5_PsrnUrkCQ4uJFWCkVyxcugJkvFhUWrM9sIGUVyoQPi2F2gnjC2QEgIMcyQlaHLb5EughXzf4sJYucpy9vhiNPbX9Kfte8EHZduGq16Q6lZAXd2lq7jefIaUBo_bygPajo3-FGBxRNoJNSgE-6MCt0QvhzwsdmSBvrn1FeS4w2fs3ja91BK32nrGHO1X6QmyvufCuR9jcxfBOcNnu1hPz5Skmy8YX2gC3hYF1TiNxWBlgX03lMOr-5lUomD1wkira-h7tK_LyBrq56j42l3tAMynfDHGjMUrbfTBqbCseiXPHnwlkjTEVvgd_Uj7JjwLtk2jJQRXsWoE4G-sWzs4UTVEEJ1PvHMF-g4RP-KOn8ISNqzy4oGbjStXk99Gf1iRcSCfJbny7sZ0r3XWixeZqlv80Q_92b23D2AZZqZHUS4RIAg2CtUow_OPWunMDEdKZIejCYiXfh4ANWBWUXJR-8df00lJi_uuMUEqwqG8xAhlhY2STW4uMAcTzQlrk6i9ciFuNyPpMO0ptPXhqC75hNWZLVUFBo01ww7lGU_iklyDc9Gp2E9hcCZAt9YmTBjgUIGzheCRhVDQnG9pTDDhDeWpGN7Edy-1wHTWr2jv3HgHa6cx2zgoJyhxrbYPt3Y0fy3u6chy7iYUwJrKBGV_1PTw31gj_k3eMueQ-QvdC4sOzHKpPDqsXDlrK_0bT19oAkAv35ar1u27x8UPIq8Yib1WmNMSOueetNKWdCgEC6ym7IXP9qbo6vgMGdk8MhDZgFcpA0eno294dsE59Jd_PlWDrKu6_08VByQuB9AvnvmfK_ALUjva9GTSfPydK7fYugc53BRr16hYOCFxhqhnERi91q9clmS7XkMlw-FpHupAzfcrULQ4OuQRpn0g4bf9lmJor9brgmUcQls88v-GEskbsCyAbAEMCGOvFdceN4SoU54ndLXmdMTQ_rKWwG2vsJtB8DwCzT1D8OvvbzJLmbkH6pmfWe1wiS9hG1KLsP0L3H4Z2iRLdO5Xc-t7XaDInCpTSIoVYHOSN7Tf35mo9ZiZH2euXhAt1RVMKAR0B73tnYP-eBfDF3kVsDb0eIpJoOWSobLj95kSJ4q-z7864cmYY6sckk_LQ9gM2T3mTHCWfUSn28LhPDwG5nRFKrSnlpqG4tzachX90jbDxFzmZGKymyN7JaAySVLGOwFAGCM2ftpL0HFRUp04Se_SbNVLrv3Ts2DageluqveuVLGJwp90OOP7slf8h_rE59kUiwH72t3RtrAh9fAoGhBERb2hdoiBriwvbH6I4SX23xtNb4imFXRRsRDD_XJJ7vCxOlyolKnZETc5DA801D-5oW6VhrCYy_ZxHaDxYO7BbC8DqcbeUjKAyepx9bDPjySo3hNXg7AZLKEXYzSzwYtP8mbWvxUgM_PYs_Mz1xEBRpzUqcFltTcD7oODzZKmbbu_qAZ-VLwKloM5ViQtp7Nm1kSKsA_yg4jjYOkL6AcHknBFtkA7h44qY7sMQpBn7R4I_79OqXNkMCAYDPIMyaaiw5cgFW8mP_kJUbLuxz_nKXRj3W5iuupCDAdkYUqCgqtdMUY0IFpAdY9wOmwtezs57eC9NN_SHAf_gqF1zg8wufr7UfSHOJVmXYoTdGKRgEvql48WV9SJ50Kz32wVnxVE_1rYtuszqd-2nKe2uDA_Ud-fOQVe3gr5mydncPRjoVmOE-0GiIjL2XAqAkg9XSrL-J1wi2Ppnpb23ZjUrBlMYX1nRFQTcObvey5bNRMlpAydOQ9smz9vYo7zMbgsdHlb6pA2o43ri099yk_OTJ_gzHQ7yLrWJepvxiqjXIEuhdyHFIMqVwcOGsBwqPtFPxZNjFzLqtHgydlmm-y-oLSqqFmDZMKwn8w1x8x5uqh6bIFUvxbOWJUlkyAVocGurztsuD9PmVPewNlLD4xbgvL7dpCspXZn65fv-9ZfzrK8PX3Rz0MSn1UVTyFqSusAf5mLDQzrYq8VF7gX-mH1MxTFC-4mRhELgeRl_ArYb7OAOBfWjg5H56ta54Zk2veX8j_0z8b4gNFtFKkzjqeZTNQYa6Y7_bE0nrvHcswmh3E82EjIR217VNmls8zmWtnXmKBvCO-GhKlyDU2aaq0Ud6wctkT7ipYRqxINqzHVgtKaPUdBenQRKSLkOwDcMUkw1BC--qK8tmMbHCixddFMONAbd59lDDZL4iQoL63Ky_T8ubjJFmWE4atikrkXmd2Szvh7sKjswh8fCLPdajlQTy9dh9Nb_YuHYlOaXVhiQAf63hwYhUGAQjyorh9zoLmwKM4yIX_VRnvpfCw1G4mYbLxnRCS-xqZFGGWHRoeiOXam7RSt1BpWkQT_pGPjftg50N2AaV7TC0-rhlDCnoDOGXDNE6hwTgfH_-ToZZFB_2S0__7xje58oDbCFxfwQ0aoWkw7tOZKiKoslF0eYNCQVXYdMLtVsSQR5JFQtbXLEu_-J7_NJ62sKfM5tb_Cg6DBNv98GUWC4KmOVDRkAylBDqGaZIKuduajf36vdrKSQiQBmrsFpXem7CFYPCdLcWlOhagq02yCRhE9wVe1siv3_Q7gSarLH60u64rG_7biL-MW5PEnXUKIp1ZDPE_2wW15kiERKDWvYra-1PJjw0iC_H5FzkvnaHVw6vSZJi5bOtddMUbLGsmVKl9OUN2PhsQHy7TbH_9Rsueb_abSWaG7vZ4nK8AbR0gn-HPBvFMFXmqlRF3eMn5et5AJnGtlwLptx3nf3VAyYbfUt-qhXU33no8xyQ5G0A1iA5MrW4p1vZGcbcBKi86Hrt1m7o00rBIrwZBWtqvLvNVolr8qU2njS-m3ISbxbg7y-VjnBglPKS2jV2_zFLttg9nJvvzulYJSEKlUwBA1kAwmDwYocU5MCzFdMp6ezSw_SKee9j-dhtvnq4xPv0aeAS8kQO4M7NzjC5pJbbTEZu0nexRMWfZ42hnHJw5YhXE1yq1dZ6wjAezyxYTjZ76f1JZ9NoluyLhDof_hA3iYwQeWFBltHV5JhbBe2wDG5ubfRzd5gDiMzGANri6k9qA5UvDqpAbsK5RQbOXgo_wJt&cid=CAQSOwAvHhf_7s_8NyiZpl3Qr591SyOspludZsqHQlw9O0hbUyk28Zg8EcsXos7MudNSh_Ma33jY5kK-39NxGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgrabify.link%2F&ds=l&xdt=1&iif=1&cor=14445150416216791000&adk=3690638928&idt=1153&cac=0&dtd=56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
3730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame D760 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cj10ohIl3prs1XXx9Z99G2zv9uotv5nMjaRXN9tJICQ7aVR78vUm9dC60xa_ihpAYXgu7x9e_G_z4LIlWUtaaHzX2IdJCtQUIJeSFFmpEw7M4AFqF0G-MkLlj8Zf3iXBCmfYOUFFuaePPV1b106Fj5Jiasx_wcKWOwVUEGO5rNjULlrlGFem5hsRZ9Dzy9KBmjtzUS&cry=1&dbm_d=AKAmf-BmZ6vDGQjP6xcV8KGIGTU39eotSkksGYLZWkXs2Gwzvfxc7K5mibmfx1j7zY8SS02QVx0ZnqAw1K0ug19gLRqS_xZXDrSaTowz-HfDsDeGwNxCwCWuFYMLTvALMhlXpvS_5ZqYKvh6nkFh_OMfsdWaoKeayx69buxz8ff9I4x0-FKQUJuo5pi4INDkSi9VAgioJHEXfkAVEIo1s4BVj7kL6cSNp5ErmwvLJNlYzwu9bbUwdilk1YgykzHiA8BJJ4_AXcez7LEEvCpeGypvLDjU18KQKcSES4QKNYDlXymXejJ04MqViToHn2ZoQmPPGmS0zv279aY_dWVffuHt6smeB14Lj6uxx0Q9aHz-1neyOAWboOlIdbqvICq2ygnNQkKuDoqCGAXMYj40gI9f7zLFQvYbOm7am19J2tVUGXkO8hKRiYPz0NbSnwaqLX-hBz4JQ7hdToEYTu9AECRtqhrT7JRJshelyFfUCXg-ghOxfDVTvd0hqgrcTWWjQe4bOa_CoVSFdOo_EAjNjE63ZWMCgRDzl3H1JH7x7WZxen_LR_nJFkrIYWoVM664IkfB25JBlYmGpF_0J8ER2WbuxJZGfc8HP-Vv3I4MkePXv8kRMVGr5ZbmydhthhI-wXEg1H1Tep952MD_d4A8DwNw0lWhtwYIDRfiLOxIXRQux1t-z-lXz6vK2x4hscMnIdSuxJbFUeo9En4ufDdARuo3eNaiVbdnUEp4eaGB0gr2TRoBvv1Y-WdpRXLFGENdNMBA2HUTOTIjrp1tvZPQfRTyQdPoKjfJSzrdRb1Ehpq3qpayTrJ1mNBtM7bjZkzPclKTDZ-Shs8DVRmVLYrfqPDIfZF8WVd2KPHp8zzkRC4QVHb-m45ra_E0vB9YcUtLdizMzH9OkYeO_z7k0o3O9OecosUwNoHOpOxfGPtQhuNtOX4BriYNBFXanMv9Cu7fb-ArvZMefH5_PsrnUrkCQ4uJFWCkVyxcugJkvFhUWrM9sIGUVyoQPi2F2gnjC2QEgIMcyQlaHLb5EughXzf4sJYucpy9vhiNPbX9Kfte8EHZduGq16Q6lZAXd2lq7jefIaUBo_bygPajo3-FGBxRNoJNSgE-6MCt0QvhzwsdmSBvrn1FeS4w2fs3ja91BK32nrGHO1X6QmyvufCuR9jcxfBOcNnu1hPz5Skmy8YX2gC3hYF1TiNxWBlgX03lMOr-5lUomD1wkira-h7tK_LyBrq56j42l3tAMynfDHGjMUrbfTBqbCseiXPHnwlkjTEVvgd_Uj7JjwLtk2jJQRXsWoE4G-sWzs4UTVEEJ1PvHMF-g4RP-KOn8ISNqzy4oGbjStXk99Gf1iRcSCfJbny7sZ0r3XWixeZqlv80Q_92b23D2AZZqZHUS4RIAg2CtUow_OPWunMDEdKZIejCYiXfh4ANWBWUXJR-8df00lJi_uuMUEqwqG8xAhlhY2STW4uMAcTzQlrk6i9ciFuNyPpMO0ptPXhqC75hNWZLVUFBo01ww7lGU_iklyDc9Gp2E9hcCZAt9YmTBjgUIGzheCRhVDQnG9pTDDhDeWpGN7Edy-1wHTWr2jv3HgHa6cx2zgoJyhxrbYPt3Y0fy3u6chy7iYUwJrKBGV_1PTw31gj_k3eMueQ-QvdC4sOzHKpPDqsXDlrK_0bT19oAkAv35ar1u27x8UPIq8Yib1WmNMSOueetNKWdCgEC6ym7IXP9qbo6vgMGdk8MhDZgFcpA0eno294dsE59Jd_PlWDrKu6_08VByQuB9AvnvmfK_ALUjva9GTSfPydK7fYugc53BRr16hYOCFxhqhnERi91q9clmS7XkMlw-FpHupAzfcrULQ4OuQRpn0g4bf9lmJor9brgmUcQls88v-GEskbsCyAbAEMCGOvFdceN4SoU54ndLXmdMTQ_rKWwG2vsJtB8DwCzT1D8OvvbzJLmbkH6pmfWe1wiS9hG1KLsP0L3H4Z2iRLdO5Xc-t7XaDInCpTSIoVYHOSN7Tf35mo9ZiZH2euXhAt1RVMKAR0B73tnYP-eBfDF3kVsDb0eIpJoOWSobLj95kSJ4q-z7864cmYY6sckk_LQ9gM2T3mTHCWfUSn28LhPDwG5nRFKrSnlpqG4tzachX90jbDxFzmZGKymyN7JaAySVLGOwFAGCM2ftpL0HFRUp04Se_SbNVLrv3Ts2DageluqveuVLGJwp90OOP7slf8h_rE59kUiwH72t3RtrAh9fAoGhBERb2hdoiBriwvbH6I4SX23xtNb4imFXRRsRDD_XJJ7vCxOlyolKnZETc5DA801D-5oW6VhrCYy_ZxHaDxYO7BbC8DqcbeUjKAyepx9bDPjySo3hNXg7AZLKEXYzSzwYtP8mbWvxUgM_PYs_Mz1xEBRpzUqcFltTcD7oODzZKmbbu_qAZ-VLwKloM5ViQtp7Nm1kSKsA_yg4jjYOkL6AcHknBFtkA7h44qY7sMQpBn7R4I_79OqXNkMCAYDPIMyaaiw5cgFW8mP_kJUbLuxz_nKXRj3W5iuupCDAdkYUqCgqtdMUY0IFpAdY9wOmwtezs57eC9NN_SHAf_gqF1zg8wufr7UfSHOJVmXYoTdGKRgEvql48WV9SJ50Kz32wVnxVE_1rYtuszqd-2nKe2uDA_Ud-fOQVe3gr5mydncPRjoVmOE-0GiIjL2XAqAkg9XSrL-J1wi2Ppnpb23ZjUrBlMYX1nRFQTcObvey5bNRMlpAydOQ9smz9vYo7zMbgsdHlb6pA2o43ri099yk_OTJ_gzHQ7yLrWJepvxiqjXIEuhdyHFIMqVwcOGsBwqPtFPxZNjFzLqtHgydlmm-y-oLSqqFmDZMKwn8w1x8x5uqh6bIFUvxbOWJUlkyAVocGurztsuD9PmVPewNlLD4xbgvL7dpCspXZn65fv-9ZfzrK8PX3Rz0MSn1UVTyFqSusAf5mLDQzrYq8VF7gX-mH1MxTFC-4mRhELgeRl_ArYb7OAOBfWjg5H56ta54Zk2veX8j_0z8b4gNFtFKkzjqeZTNQYa6Y7_bE0nrvHcswmh3E82EjIR217VNmls8zmWtnXmKBvCO-GhKlyDU2aaq0Ud6wctkT7ipYRqxINqzHVgtKaPUdBenQRKSLkOwDcMUkw1BC--qK8tmMbHCixddFMONAbd59lDDZL4iQoL63Ky_T8ubjJFmWE4atikrkXmd2Szvh7sKjswh8fCLPdajlQTy9dh9Nb_YuHYlOaXVhiQAf63hwYhUGAQjyorh9zoLmwKM4yIX_VRnvpfCw1G4mYbLxnRCS-xqZFGGWHRoeiOXam7RSt1BpWkQT_pGPjftg50N2AaV7TC0-rhlDCnoDOGXDNE6hwTgfH_-ToZZFB_2S0__7xje58oDbCFxfwQ0aoWkw7tOZKiKoslF0eYNCQVXYdMLtVsSQR5JFQtbXLEu_-J7_NJ62sKfM5tb_Cg6DBNv98GUWC4KmOVDRkAylBDqGaZIKuduajf36vdrKSQiQBmrsFpXem7CFYPCdLcWlOhagq02yCRhE9wVe1siv3_Q7gSarLH60u64rG_7biL-MW5PEnXUKIp1ZDPE_2wW15kiERKDWvYra-1PJjw0iC_H5FzkvnaHVw6vSZJi5bOtddMUbLGsmVKl9OUN2PhsQHy7TbH_9Rsueb_abSWaG7vZ4nK8AbR0gn-HPBvFMFXmqlRF3eMn5et5AJnGtlwLptx3nf3VAyYbfUt-qhXU33no8xyQ5G0A1iA5MrW4p1vZGcbcBKi86Hrt1m7o00rBIrwZBWtqvLvNVolr8qU2njS-m3ISbxbg7y-VjnBglPKS2jV2_zFLttg9nJvvzulYJSEKlUwBA1kAwmDwYocU5MCzFdMp6ezSw_SKee9j-dhtvnq4xPv0aeAS8kQO4M7NzjC5pJbbTEZu0nexRMWfZ42hnHJw5YhXE1yq1dZ6wjAezyxYTjZ76f1JZ9NoluyLhDof_hA3iYwQeWFBltHV5JhbBe2wDG5ubfRzd5gDiMzGANri6k9qA5UvDqpAbsK5RQbOXgo_wJt&cid=CAQSOwAvHhf_7s_8NyiZpl3Qr591SyOspludZsqHQlw9O0hbUyk28Zg8EcsXos7MudNSh_Ma33jY5kK-39NxGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgrabify.link%2F&ds=l&xdt=1&iif=1&cor=14445150416216791000&adk=3690638928&idt=1153&cac=0&dtd=56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
3724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:52:59 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D760 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
108347
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:49:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 91B5 		1 KB
687 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
38493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 11 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D760 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef6db15dc2cd523ceda17dbe96d06a3eb3812f214c0b2e35f9bf929719da720

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 76E1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D5C2 		42 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEVo9o9wzhtoAtpPohhusQvvVQs3pkmNsj-KVfKkqMUN1FqnSGH3khRhzkMSds_owE2h9K9y65YkPrOIkXGJOLKafAFaJONk6izgQFo63FqBendRF8fN61OV3o9Uo&sig=Cg0ArKJSzHrSY9G-E-OPEAE&id=lidarv&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2062,0,0,0,0%26mtos%3D2062,2062,2062,2062,2062%26amtos%3D0,0,0,0,0%26mcvt%3D2062%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2225%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D203%26dur%3D15061%26vmtime%3D2235%26dtos%3D2062%26dtoss%3D1%26dvs%3D2062%26dfvs%3D2062%26dvpt%3D2225%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2062&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1704916501653
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D5C2 		42 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvZx5PibqfuiYl-iXEjW-wD_H-VNmROcb6YySRH8MpkyxNJfQGaEAydC2SkddqUf9mf6QeH--pfkyOrSmTy89HIkDFK5JlJWrLGxMke7iJv7aa7zgr2fkF&sig=Cg0ArKJSzAubahY8GrrCEAE&id=lidarv&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2062,0,0,0,0%26mtos%3D2062,2062,2062,2062,2062%26amtos%3D0,0,0,0,0%26mcvt%3D2062%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2225%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D203%26dur%3D15061%26vmtime%3D2235%26dtos%3D2062%26dtoss%3D1%26dvs%3D2062%26dfvs%3D2062%26dvpt%3D2225%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2062&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1704916501653
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8E44 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
106465
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 14:20:39 GMT
expires
Wed, 08 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
SPug
simage4.pubmatic.com/AdServer/ Frame 48D8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 91B5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1&google_push=AXcoOmSTjn__uJ5juLVdl81S0QrhbLFVFfMqghUBQSq64uNkS7xoDG3LHc0rTs0uvlc_Gke0Wbmjk3vdlnAX_L_zmr9XunzoQUX-5w
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4NzMxMTk1MjI5MTIxNTk2NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGwNK88ebahnzAlPzfvjFcw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 91B5
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOXhLUZE4tudVj7wBD4rjjI&google_cver=1&google_push=AXcoOmQUipibdncLAUqgcFWRIcARt3T8m9_aWQU-xRn8sM0_5jEXP8HDo38MRjEqAcbyenle5rp3MZf7ZlWUQgkE...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_JkizGhUTZk3nS38ZXLU9A&google_push=AXcoOmQUipibdncLAUqgcFWRIcARt3T8m9_aWQU-xRn8sM0_5jEXP8HDo38MRjEqAcbyenle5rp3MZf7ZlWUQgkEf_2uc1B7D8mHbQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_JkizGhUTZk3nS38ZXLU9A&google_push=AXcoOmQUipibdncLAUqgcFWRIcARt3T8m9_aWQU-xRn8sM0_5jEXP8HDo38MRjEqAcbyenle5rp3MZf7ZlWUQgkEf_2uc1B7D8mHbQ
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 19:55:04 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_JkizGhUTZk3nS38ZXLU9A&google_push=AXcoOmQUipibdncLAUqgcFWRIcARt3T8m9_aWQU-xRn8sM0_5jEXP8HDo38MRjEqAcbyenle5rp3MZf7ZlWUQgkEf_2uc1B7D8mHbQ
x-host
tde-deliveryengine-production-5db7bf8975-7fcd9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 91B5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMf_ss48IJevTPesVj6ZNvI&google_cver=1&google_push=AXcoOmSu37GPJO63MF3pqfAbpUhaTe-8xppjG0Ec9Y2O1Mkar112T4X5D_N2ztMuredkh9eYueIWuq0TMTo2IFw3Glx-...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSu37GPJO63MF3pqfAbpUhaTe-8xppjG0Ec9Y2O1Mkar112T4X5D_N2ztMuredkh9eYueIWuq0TMTo2IFw3Glx-6ASAmYzvAQ&google_hm=0HoC558RQVKCBNxo4VYipQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSu37GPJO63MF3pqfAbpUhaTe-8xppjG0Ec9Y2O1Mkar112T4X5D_N2ztMuredkh9eYueIWuq0TMTo2IFw3Glx-6ASAmYzvAQ&google_hm=0HoC558RQVKCBNxo4VYipQ==
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSu37GPJO63MF3pqfAbpUhaTe-8xppjG0Ec9Y2O1Mkar112T4X5D_N2ztMuredkh9eYueIWuq0TMTo2IFw3Glx-6ASAmYzvAQ&google_hm=0HoC558RQVKCBNxo4VYipQ==
date
Wed, 10 Jan 2024 19:55:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 91B5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHRdupNXqy0G79SNSwK0qHI&google_cver=1&google_push=AXcoOmTnMP0a2KbrAeYCOKKVHvzZEzIDAg1CfPKmlYF2B5HzCTS2amSiR5BB_qTwjiXwL9RysZDrqLybuQJxZkZXAk-IDlp...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTnMP0a2KbrAeYCOKKVHvzZEzIDAg1CfPKmlYF2B5HzCTS2amSiR5BB_qTwjiXwL9RysZDrqLybuQJxZkZXAk-IDlprVGRkiA&google_hm=eS0zZHFDdlExRTJwSEdO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTnMP0a2KbrAeYCOKKVHvzZEzIDAg1CfPKmlYF2B5HzCTS2amSiR5BB_qTwjiXwL9RysZDrqLybuQJxZkZXAk-IDlprVGRkiA&google_hm=eS0zZHFDdlExRTJwSEdOOTQ2ZXdSc2E4S1ZnN1Zvcm1qc35B
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 19:55:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTnMP0a2KbrAeYCOKKVHvzZEzIDAg1CfPKmlYF2B5HzCTS2amSiR5BB_qTwjiXwL9RysZDrqLybuQJxZkZXAk-IDlprVGRkiA&google_hm=eS0zZHFDdlExRTJwSEdOOTQ2ZXdSc2E4S1ZnN1Zvcm1qc35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 91B5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAxZoxFFfGcIMsJdihq1WPc&google_cver=1&google_push=AXcoOmTbqW6ZBdYUAvbpY3mcXXZoRuLh3Txdg7ZRhsjd5ieAHROKY4KvM5LNwt1BJRBZc6dXxy1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4NzlNSDMtMUgtNlFPTQ==&google_push=AXcoOmTbqW6ZBdYUAvbpY3mcXXZoRuLh3Txdg7ZRhsjd5ieAHROKY4KvM5LNwt1BJRBZc6dXxy13c3O8gEpfpiIZL_y5Hrobum3l9w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4NzlNSDMtMUgtNlFPTQ==&google_push=AXcoOmTbqW6ZBdYUAvbpY3mcXXZoRuLh3Txdg7ZRhsjd5ieAHROKY4KvM5LNwt1BJRBZc6dXxy13c3O8gEpfpiIZL_y5Hrobum3l9w
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4NzlNSDMtMUgtNlFPTQ==&google_push=AXcoOmTbqW6ZBdYUAvbpY3mcXXZoRuLh3Txdg7ZRhsjd5ieAHROKY4KvM5LNwt1BJRBZc6dXxy13c3O8gEpfpiIZL_y5Hrobum3l9w
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
/
cc.adingo.jp/adx/push/ Frame 91B5 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEB2TIViVmYSjnoelUA2oxak&google_cver=1&google_push=AXcoOmRaHKN1NAmPn6hj1RPZZtdL0ITd0xUTYGPflLsDsqiefXTW5fu3HBGwLlo0Mb9y6-k3r4vHD35tYhEoUQKbaz9a99uJoPQgCA
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.237.41 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
server
awselb/2.0
v1
match.sharethrough.com/E4rooAtA/ Frame 91B5 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEBEYjCvAc9tpnykAFZeCY9E&google_cver=1&google_push=AXcoOmSXKBtkrUMX58F4OVmSE7Smk_y0FfHPJYUKr1DUKKeZVlcpG_ENKVBSAr0Jw0SuiSiFSQbixBWU72GMDpNeyQW_ynJWFgWP1xw
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.140.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-140-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:04 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 91B5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9qGBOr2vGQUO4DyvsU9aI7jxXizIEZF0m9jKhIJ47iDEReCHu6Jx6r2I_Ns_gGiql8aW-SQ
Requested by
Host: 8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
URL: https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/9373232566376595456/ Frame 356B 		304 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
a32034f1a6a78a94a792021a838bdc2a75dbb07e4c699984d4a89ff96480482b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:55:04 GMT
expires
Thu, 09 Jan 2025 19:55:04 GMT
last-modified
Wed, 29 Jun 2022 08:54:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D760 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvJYkaantyZq3H2YHj3m0d_VRpNGY09gs5241NrFupIrhY1uGoqpraED9Hu7LRNZOLiDvjxlbiIdPI2wP6IujA87mh9i8hhdCgQ3wN6kh9SVwCr6uQTA2fNf5JaO9MdIjdYeW3W6C9bcG4_4eMKX35SO0rZuTWqOjZuxWAC3TUfAOYYLCs6HQQQcPE384RMnHv4mw2N2fiNtAiPeZuajhkuFGoCMpFZJoEizdYQWbsmaLAiAR8vwRZboD0Sw9QDOLPBlSLH-e1bkqDGxUUgjQzGZC7XyCK3W9eSxN5NAiV-mx6hQBJExNWONJSNkaIZEYvVw-H19dqrnnPGVHjGcQM37px-9f2IR6Y5lT5gTDSS1EoeqwPvrtBRgLIEN5v7Slm4aG8cv-J9-TlmaOrIk8DeLbL-8qmuwD3cHoD2EjEyAivVIfY-3nX0kTx4DOOl7G9Pv57V-RzewcdsFIgbcdwfI4uu8PoFGjuZ8bbflXLACT32-o6WDtqhUu85gT9d4FqK5A88aRzlIlNGg3ez23CIpZHB3An63YHjb6_EvzUoyRmWaG17hjqnRG3YvSfnKMrRDBXsYlJ2HgkUW_l6z74oG0ce0uU8mjms3m1-dom6R8FiBPHosCwX42E7JmBmNZWAkqSpiTk6ZntT_dwKIiqlow2eDSPfPSkEqQVY5unYHX05eEBk83Dw6j9zXAIBX24jjpLCqPbxm3UuqLjcHmjnjlezsYImnMsj_mbh8A5NXLtVII6DhZ_O8Pum8qOPXQSVh5cFi3Sa3tzHjQRHYf5eOxP6oftB0Dngh-jZNOL31jg5okWHrxxGyCJT6nyvg2NJcgcRDUVDofCEO_B-jRtx-5rwpzWfYS0MsRk39XSgxWNBSV-0za2JqXRPMO_-_ewlNKPQMk_65m0kYlHgmUnE5oRFrtPYHBStn_nzE1TEwAiGWopRk14E7ZaJ4FdRt3PNK1UAc9eOMEoTl8gxtSermeKEc-cjNLphL1dJQUcigiHk10kTbHNmhZklLGJiDKqyXaKHRd06TbDmGlH9ix80GR362EcRTWHBlXnlZjYGvT-C4yUapPCtcRRVn-djH9jqIyPSpH7krW-goELXiQUTFAX7wHBokvqQeH44IHBiIE4Nlokw4WNT5JyPBcKVSvULXD-xaAKh0404GzkPB-4IoaxQIC-qhQKRB4Pr3r_jkKgXI402eGjWXoMf-vywlvUHq2vpH_ay5HGZfeyhLan_Wpbkizn7VpJDp1EDSaFw33bOHDTGgJ00RtYWYaAJE0JJb1_YE0NtaDXg9_ZT5cmlbbNrxW_yPt4lIWoNsfiozx14aOyO686aEbkz7ZejqaYUeYQK75FnGuvcZhzQv9h3ay3rmqAR6MAuoJNPlIjKyOGrzp3k-oXPhqbYaQgIUUqJAbAvUj4-sc43QU97R7oje9gPhEuGyKWMEIodElE2TAMCms6M460F0T6Y7gzGaRou5gIQcXwtRqHMNkP66Ky3e1g6CXU1g&sai=AMfl-YSQT8tG3KMaAFLzwTPlVoE-QKUTkxdzRBGnUeK2PNFoCAzEdu-BvJpDDWn1BOqcRJRZEpsgRPV3_zJaLNRRfvcGShdROoqiJJGqQEW2AIpWuNjejdJRigJ0aQ8vvGEXOYmpOk28CwvsEpOki9fspBq4bt2-WncbFcB_VQ-pGixvcN98grcFtVB_KXj8vQe4cccmANN6SKd8MuzuAxPfIjqVe4meTDbiT4ghgyYoS9y2pGxceSYQ3UBmgCwVLHR2-Fq8NfeKEA4dYu2H1dOcaOaitK7e&sig=Cg0ArKJSzHs4-bE51WG0EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=684&cbvp=1&cstd=664&cisv=r20240108.83154&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 10 Jan 2024 19:55:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 8E44 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
css
fonts.googleapis.com/ Frame 356B 		2 KB
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:regular|Poppins:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f138.1e100.net
Software
ESF /
Resource Hash
40ad67d06519a22417ff121bb7176695e975cb9357a3a61c1e8822e9ed193d47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 19:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 19:19:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 19:55:04 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 356B 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 04:12:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D760 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiDM2C4qLC20MhjQkPBeVmOUhF0HODn7arOfrlUebXQEkRfvbkC0awHlTfacTv5r_ArBRdRgYPovAdyAUQpytpdUYTSvku7ZYBW2oiMf6nKAz26JjwqRW5zSY9uB-MvNfFE9jsmfrkX_vWxjw0xjYGcPwq_g&sai=AMfl-YR9b_2qbGwks4vYkHnwNQswigw0zDm91hbMybuJRdmv2EuujbUJo4dAcTR7nyWuv3FhRWrSgnmcjeK8lqjfu5Xfqv7kG94RlNKWePVpqlHZiRx9owZp2m3sIqQ&sig=Cg0ArKJSzCXzcFyYDtnAEAE&cid=CAQSOwAvHhf_7s_8NyiZpl3Qr591SyOspludZsqHQlw9O0hbUyk28Zg8EcsXos7MudNSh_Ma33jY5kK-39NxGAE&id=lidar2&mcvt=1020&p=1066,315,1316,1285&mtos=0,0,1020,1020,1020&tos=0,0,1020,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=0.53&if=1&vu=1&app=0&itpl=20&adk=1819770311&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704916501525&rpt=2350&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
decimaround-webfont.woff2
s0.2mdn.net/sadbundle/9373232566376595456/ Frame 356B 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9373232566376595456/decimaround-webfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
ef5dafe5eaed774ece1224014fc854b80526ea8d9b2a4dbf49790cb37948b921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 06:49:52 GMT
date
Tue, 09 Jan 2024 06:49:52 GMT
x-content-type-options
nosniff
age
133512
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23284
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 08:54:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 356B 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular|Poppins:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 15:36:20 GMT
x-content-type-options
nosniff
age
188324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 15:36:20 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 356B 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e55c8e386feb7ab5b0e0c19ae9f62ba01df6ba913d1e2a5805593e0b42577004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5876
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame 356B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 23:53:06 GMT
file.mp4
r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D5C2 		16 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.108.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s17-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=4259854-

Response headers

Date
Wed, 10 Jan 2024 19:55:05 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 4259854-4322611/4322612
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
62758
Last-Modified
Mon, 16 Oct 2023 12:44:01 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
Expires
Wed, 10 Jan 2024 19:55:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D760 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvJYkaantyZq3H2YHj3m0d_VRpNGY09gs5241NrFupIrhY1uGoqpraED9Hu7LRNZOLiDvjxlbiIdPI2wP6IujA87mh9i8hhdCgQ3wN6kh9SVwCr6uQTA2fNf5JaO9MdIjdYeW3W6C9bcG4_4eMKX35SO0rZuTWqOjZuxWAC3TUfAOYYLCs6HQQQcPE384RMnHv4mw2N2fiNtAiPeZuajhkuFGoCMpFZJoEizdYQWbsmaLAiAR8vwRZboD0Sw9QDOLPBlSLH-e1bkqDGxUUgjQzGZC7XyCK3W9eSxN5NAiV-mx6hQBJExNWONJSNkaIZEYvVw-H19dqrnnPGVHjGcQM37px-9f2IR6Y5lT5gTDSS1EoeqwPvrtBRgLIEN5v7Slm4aG8cv-J9-TlmaOrIk8DeLbL-8qmuwD3cHoD2EjEyAivVIfY-3nX0kTx4DOOl7G9Pv57V-RzewcdsFIgbcdwfI4uu8PoFGjuZ8bbflXLACT32-o6WDtqhUu85gT9d4FqK5A88aRzlIlNGg3ez23CIpZHB3An63YHjb6_EvzUoyRmWaG17hjqnRG3YvSfnKMrRDBXsYlJ2HgkUW_l6z74oG0ce0uU8mjms3m1-dom6R8FiBPHosCwX42E7JmBmNZWAkqSpiTk6ZntT_dwKIiqlow2eDSPfPSkEqQVY5unYHX05eEBk83Dw6j9zXAIBX24jjpLCqPbxm3UuqLjcHmjnjlezsYImnMsj_mbh8A5NXLtVII6DhZ_O8Pum8qOPXQSVh5cFi3Sa3tzHjQRHYf5eOxP6oftB0Dngh-jZNOL31jg5okWHrxxGyCJT6nyvg2NJcgcRDUVDofCEO_B-jRtx-5rwpzWfYS0MsRk39XSgxWNBSV-0za2JqXRPMO_-_ewlNKPQMk_65m0kYlHgmUnE5oRFrtPYHBStn_nzE1TEwAiGWopRk14E7ZaJ4FdRt3PNK1UAc9eOMEoTl8gxtSermeKEc-cjNLphL1dJQUcigiHk10kTbHNmhZklLGJiDKqyXaKHRd06TbDmGlH9ix80GR362EcRTWHBlXnlZjYGvT-C4yUapPCtcRRVn-djH9jqIyPSpH7krW-goELXiQUTFAX7wHBokvqQeH44IHBiIE4Nlokw4WNT5JyPBcKVSvULXD-xaAKh0404GzkPB-4IoaxQIC-qhQKRB4Pr3r_jkKgXI402eGjWXoMf-vywlvUHq2vpH_ay5HGZfeyhLan_Wpbkizn7VpJDp1EDSaFw33bOHDTGgJ00RtYWYaAJE0JJb1_YE0NtaDXg9_ZT5cmlbbNrxW_yPt4lIWoNsfiozx14aOyO686aEbkz7ZejqaYUeYQK75FnGuvcZhzQv9h3ay3rmqAR6MAuoJNPlIjKyOGrzp3k-oXPhqbYaQgIUUqJAbAvUj4-sc43QU97R7oje9gPhEuGyKWMEIodElE2TAMCms6M460F0T6Y7gzGaRou5gIQcXwtRqHMNkP66Ky3e1g6CXU1g&sai=AMfl-YSQT8tG3KMaAFLzwTPlVoE-QKUTkxdzRBGnUeK2PNFoCAzEdu-BvJpDDWn1BOqcRJRZEpsgRPV3_zJaLNRRfvcGShdROoqiJJGqQEW2AIpWuNjejdJRigJ0aQ8vvGEXOYmpOk28CwvsEpOki9fspBq4bt2-WncbFcB_VQ-pGixvcN98grcFtVB_KXj8vQe4cccmANN6SKd8MuzuAxPfIjqVe4meTDbiT4ghgyYoS9y2pGxceSYQ3UBmgCwVLHR2-Fq8NfeKEA4dYu2H1dOcaOaitK7e&sig=Cg0ArKJSzHs4-bE51WG0EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1285&vt=11&dtpt=601&dett=3&cstd=664&cisv=r20240108.83154&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
twk-main.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		121 B
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/56dbf56bfd8c937066739b91/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1769084
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779bce8743751-MXP
twk-vendor.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/56dbf56bfd8c937066739b91/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1769084
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"ce3014b09c6dfbd6f92bc585fd840580"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779bd08ab3751-MXP
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		212 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/56dbf56bfd8c937066739b91/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1769084
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"86b32a04921a039ace69980bacd1b639"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779bd08ad3751-MXP
twk-chunk-common.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		219 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/56dbf56bfd8c937066739b91/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1769084
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"7cb04588da7fac9195cf9fcf0a9cd695"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779bd08af3751-MXP
twk-runtime.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/56dbf56bfd8c937066739b91/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1769084
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"8a62145a771f178a2f2776bd2b72d0d5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779bd08b03751-MXP
twk-app.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		151 B
208 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/56dbf56bfd8c937066739b91/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
Origin
https://grabify.link
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1769084
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779bd08b33751-MXP
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
79e25514f8e3c2b6cc4959648570da0012773be1804e9e005d3b24313c0910b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12305
x-xss-protection
0
syncframe
gum.criteo.com/ Frame B62C 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=grabify.link&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:55:05 GMT
server
Kestrel
server-processing-duration-in-ticks
435755
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
gen_204
pagead2.googlesyndication.com/pagead/ Frame 76E1 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdPcMFfaeZfGqG8SD1PIP1tON2AkAAAAAOAHgBAI&bg=!BwSlBEvNAAaumcC-jpk7ADQBe5WfONga1LGID0GfKdqurQaGDaxPT5YiLvruGKO4mgY-j90dA0sR7XK0VODJAawaDqreAgAAAOVSAAAAA2gBB5kDDolCh4GtEv_fY7P7_tiwHl_IKFjSB1f0IG0l_ln5NduBcAXWBVUnEesUD4wus7WkOWT1veif0yXyeZjcEbm0WCdEQbbh1_hh6tK8_C72mV8rHM10HBUbVFmLcEjrCXNp3krHOx4Ux-8hP10ancZqFziSLm2uMuwMjoVsaa6ivCkMsPtpNnUZwAXn8EauUmT6rm7KW0qPukaVZXpoJN4Qm3ff_R9dyodOSqyeP9cMFTsXvAZ6qjCJEvMyqI_fX7gnV_RIl3HuIm72YgWd5s9Zvhls2JQUw5ghKQs5ibNQk4Oj5SfdkNc2RW27JUdnNs2PGgj0Dx-wxmRrqSxM98_p7qXXL_cYX78hxt-_hSHUyDHXO7x2BEAV42HOTKy9Y4_fmxGa7hlMR7u6wWECy7SoA0T4a5qwoHLNxUBuoPTeC8LiOG4gCqKLJ0ZMZwGx-Ma52QV6AeCHmG6_Tn7n5SL0Z7XeslatWRoAWZeQ72pBjAxIaLeEhaI94iHoHyMtr-Mt1wPjGJxuP3UBYd12nNFnPcaRSGnWbgHechSw9ZKZl2wpd_Jz1uXhuNOgEAFAF2NrOSHa7qgtWkkju_KfnQ4uXqPtysoDR2hR-QfarGJKAaXK3Iu3_7BlQxMSOIRo1L8JfiJujUUdeU3MLl8I6AnJQW-mfwmyPmVLuVtzGdG2kQxHZUUsYubDtLO76zcz8XY-uxVmXoFG5aI4XkiYmgJ93U3Qr7z0z3Q1QRvtsGCy0XV45aPEOIjWbi-Vqjsk1rtb5DUu-1ic3RTvgHHoxhyb_N2UeIm0MPErQMq7UU96rDATjqFe_7suu7D8yPZihxb_2uECNKYU40u7k7T8V8U18Y6CFB-QrN4omftxiIwjtBh3vtGP3_1HO0-GAURpbYfW4gR8RR-50rauXO88tLbX3bijGoAOTVpnBKkJu87NQ_HYqZCk5UkRmOU6Ni6ogyoZc0P6YVoJau-rsNfhXT_CnlXvyokUgb60bTzrjUMermSdLbPIGYkygAO1w1mSdfaaMSLNOC5tdHF-1muYOuUa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 356B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 19:55:05 GMT
rum
grabify.link/cdn-cgi/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://grabify.link/track/41AL59
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://grabify.link
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
843779bd1c914bef-MXP
rum
grabify.link/cdn-cgi/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://grabify.link/track/41AL59
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://grabify.link
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
843779bd5d1d4bef-MXP
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E44 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzuCpFvaeZZGVNcmP9u8Ptd-sqAsAAAAAOAHgBAI&bg=!wcKlwo3NAAaumcC-jpk7ADQBe5WfOHqj_k0t_Ns2XYjshPyrUmeTfHwzOGK3Y0KpRzsR4u-utidFt9LPyOBibjrGd0Y_AgAAAMRSAAAABGgBB5kC_Xxw7v3XwNr6uH_R_J3_4LxshioCIrJ4LhbG_ST9eQQgwVqnit7V73XRILj2RECUh5GsPkDMcc5JxT58lR51pOESgl_I6VWS49QmMlpED7sr6nvTeGr_wTqqh3HK-N_TjjPP6HJATafOhbtj3q9NNDLV09D6t6FnbTOdU1dT1csV1gPxNiOp1ygkjMa1_xg2mmiQpQUsWGJFeFv1zGxHoy5vTQuEq4Zt1zRmr_dc3-_fytHonOjWamZ-2r0zObGus70viOHTNq5bnGOuQbZvJ04v4qZrribwlqMGd_veUVSlW8WXNqf2OO0cyLNK0U3oVNqxhMTBQuJ1G8Pl2Bf4OAn_4sxehA0F5czg_tFwL4KkGWqNKwj59MWmz_pZST6Z-s5nBDLY96yZ8eebvTTQ66TTpmEQQC4RWH5_OolfV4SPSIrX7QHjda_-QGcNmkJJArGkUPvRiawUv4cVxa8acwnJRIn1SDtOtqK5aBhLDxU8Kwxn8AiBkjXw1291VohnJinYiWjunolUppyjzEwK3pmCQBsVwG_NkP63UNQuSusx3Y5kVEmsNsWIZl_afBqXtGf6XB0Es_xydE7DTNoOLVbf1BGoIOJ_2jWSwjp32mmBD7Uv4LVsGh4Cth6enIaQCr3hpZRPhCAgTU2xYNqmb-rzapMgCTjsbSMXeFyRoZ0o74NTzXsVBySzYqJe5CCRzVoHNaPDQXuHgbwOi9Ahz0MeuAuMUHw1DNzQum6KZJkPyMgX1oNduZ4z3JYjw4kSUR3Qqh4hjmsPYbhDMSRIg4QWyNYH2Pc_tBGfnA2Y6EfYSdTIdp41RPYbiCONrIMB9sOYt_XHtV96nwrsfw_FUHr6JXWN6oO03DnwcPPrsaHe847I0-w1pQWGByRG-chXOKIX6Iv3EnAmlgE2Lywg1XD_FE3UVUZp2cFGYgJsiuhqvVjHc1S-GsU8QNFBDyNYEdfe4YQILrdpNQP4lNzDykuJX7zUZdolXtdwJZ0h0fw1Hsq0x-ljiovyHfHBXQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2046383113259681480
s0.2mdn.net/simgad/ Frame 356B 		903 KB
904 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2046383113259681480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
bf0284bc0b11ba844c9074746ea96fa987ef1f48173241620191a09248433ec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:56:00 GMT
date
Tue, 09 Jan 2024 08:56:00 GMT
x-content-type-options
nosniff
age
125945
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924891
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:22:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
logo.svg
s0.2mdn.net/sadbundle/9373232566376595456/ Frame 356B 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9373232566376595456/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
1c229e59da3e7db8ea3ac10fda40d79d399da450275ad25d009f41641986c57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:53:37 GMT
date
Tue, 09 Jan 2024 08:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1277
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 08:54:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame EA92 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
widget-settings
va.tawk.to/v1/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=56dbf56bfd8c937066739b91&widgetId=default&sv=null
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57aad5a6a41ce2e55ddfd78acea0519999ee42d02ea8d3ad577aee01b6b077a3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1319
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-h4pj
server
cloudflare
etag
W/"2-26-0"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
843779be0a433751-MXP
access-control-allow-headers
content-type,x-tawk-token
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 19:55:05 GMT
start
va.tawk.to/v1/session/ 		1022 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.66 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d85bbda5bcdc2fe150f2fe0768a4ea8f14b3c24cf6136d1b16b8f4091c723aa8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://grabify.link
access-control-allow-credentials
true
cf-ray
843779c40d690d66-MXP
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-700b
start
va.tawk.to/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://grabify.link
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://grabify.link
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
843779be1a6a3751-MXP
date
Wed, 10 Jan 2024 19:55:05 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-h6lz
en.js
embed.tawk.to/_s/v4/app/65839862293/languages/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792156
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"7f37a030886ec7fce1d065ec482789ee"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c38a705a19-MXP
dc_oe=ChMIyprw8szTgwMVUHSkBB28QgfsEAAYACCjpdBgQhMIvbuS8szTgwMV9wYGAB3YDwoH;dc_eps=AHas8cA6TjDFFYU1oXOo7wW6LKhaGka4DJT2j7qRIJt8598jh3TcW958x62KKzciOPVci-dYkNna32cjdQ;met=1;acvw=sv%3D960%26v%3D202401...
ade.googlesyndication.com/ddm/activity/ Frame D5C2 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyprw8szTgwMVUHSkBB28QgfsEAAYACCjpdBgQhMIvbuS8szTgwMV9wYGAB3YDwoH;dc_eps=AHas8cA6TjDFFYU1oXOo7wW6LKhaGka4DJT2j7qRIJt8598jh3TcW958x62KKzciOPVci-dYkNna32cjdQ;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D3647,0,0,0,0%26mtos%3D3647,3647,3647,3647,3647%26amtos%3D0,0,0,0,0%26mcvt%3D3647%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3810%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D203%26dur%3D15061%26vmtime%3D3823%26dtos%3D1585%26dtoss%3D2%26dvs%3D1585%26dfvs%3D1585%26dvpt%3D1585%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3647,3647,3647,3647,3647%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3647;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1704916501653;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D5C2 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cf8wGEvaeZfmNG5PU1PIP1u2L6AeeoaGuXKH56P6fA8CNtwEQASAAYPXVxoHMBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEF4AIAqAMByAMCqgT8AU_QljP2wQT-hfbIuWw3onm_z8OECfrjxXD5Plm9rLRGEYXIAJwJZTwl5P7nzMKzh8h66smzSvEjpCEqBw7mmYizOCdQWc5A6MmktWKFVTYUCxGV2qk_tDTuTqZgGsTHqPGkWJxv8FdmlImXmz0L87b8wVrBRPNuMIKUG6w6SKI7PrbTqjJEy6uTKM0RA-diDmnDc66Eqm66fexi5oDakMf3sRRumdHNEWuyNX4kH-SqbYBtuWPA9SleNt3XOuIxvIu0bnz40HiZlR3hLVxxb8x5P2akN7wUMKvkOawDDY1RoX8-_q9hPo8ztT4e-BH-DE6vUDWvtFu_VINCreAEAYAGg8Hfkdnl7-nRAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS3ojyzNODA_IIG2FkeC1zdWJzeW4tNTk0MTY1NTEzOTkyODU4NPoLAggBgAwB4g0TCOGeifLM04MDFRMqVQgd1vYCfdAVAYAXAQ&sigh=-Q-LLmiXsk8&label=videoplaytime25&ad_mt=3823&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D3647,0,0,0,0%26mtos%3D3647,3647,3647,3647,3647%26amtos%3D0,0,0,0,0%26mcvt%3D3647%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3810%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D203%26dur%3D15061%26vmtime%3D3823%26dtos%3D1585%26dtoss%3D2%26dvs%3D1585%26dfvs%3D1585%26dvpt%3D1585%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3647,3647,3647,3647,3647%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3647&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1704916501653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF9E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
31280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 11:13:45 GMT
expires
Thu, 09 Jan 2025 11:13:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BBA8 		829 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
GSE /
Resource Hash
810c0d3d04c86558ae865a3404f2f1533112b12ec1dc47801c81c932034fa01b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wGkSqJdFBssJar0RX2LkCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://grabify.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wGkSqJdFBssJar0RX2LkCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 19:55:05 GMT
expires
Wed, 10 Jan 2024 19:55:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame BBA8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401040101&jk=1625128605099324&rc=05APYnBZU9hvT5jZGeu0T0MeeR56xrsBC4S24uWnM6jIY_c-PI8uzlWZ84wmLKgig2XYbQ-Ck5vQ7tPEZbqUbFX27IZ4uGBFOxVUk6P40mN6p0O8ua9ijfNFMqxJ_zjp8yA_k7Tfmlhiuq39UAvZpKLslkb5Kxl42m2XS3Knn_DkIJ2NujdjMp9tOO6YPaw6xL
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame AF9E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 19:17:09 GMT
json
gum.criteo.com/sid/ Frame B62C 		441 B
562 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=grabify.link&sn=ChromeSyncframe&so=0&topUrl=grabify.link&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=grabify.link&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
d7649b98329d7d6ed965de40e31d15f8a565e84a126ef5babf81a7f796032fa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=grabify.link&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1209476
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D760 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8210243507259&version=m202309260101&ct=132&x=1&cor=14445150416216791000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 356B 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
2046383113259681480
s0.2mdn.net/simgad/ Frame 356B 		903 KB
904 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2046383113259681480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
bf0284bc0b11ba844c9074746ea96fa987ef1f48173241620191a09248433ec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373232566376595456/index.html?e=69&leftOffset=0&topOffset=0&c=4ta2nWzv2h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:56:00 GMT
date
Tue, 09 Jan 2024 08:56:00 GMT
x-content-type-options
nosniff
age
125946
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924891
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:22:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
generate_204
tpc.googlesyndication.com/ Frame AF9E 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ijUdow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
file.mp4
r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D5C2 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.108.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s17-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=4276238-

Response headers

Date
Wed, 10 Jan 2024 19:55:06 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 4276238-4322611/4322612
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
46374
Last-Modified
Mon, 16 Oct 2023 12:44:01 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
Expires
Wed, 10 Jan 2024 19:55:06 GMT
twk-chunk-2c776523.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792152
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"70aec2dd89cac4933594c25b71d61f46"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c63f425a19-MXP
twk-chunk-9294da6c.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-9294da6c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792152
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"398211e86ba1f74c4421bde7a06fc780"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c64f8f5a19-MXP
twk-chunk-2d0b383d.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		699 B
512 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b383d.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792152
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"838903127a65ec440893b4945c40ca4a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c64f945a19-MXP
twk-chunk-48f3b594.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-48f3b594.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792152
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"d1392466f248728bc183c96015db868c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c64f9d5a19-MXP
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		906 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792152
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"1c5ecf371149feca23bd895ba9dfec4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c64fa15a19-MXP
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		535 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792152
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"c506281367048d4a134c9affbc68c8c6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c64fa75a19-MXP
twk-chunk-24d8db78.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		110 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-24d8db78.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792153
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"1eaf1603955ff543fb810fe5edc51e58"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c64fa95a19-MXP
min-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 51A3 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792152
cf-polished
origSize=24831
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 01:45:13 GMT
server
cloudflare
etag
W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c84b735a19-MXP
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401040101&jk=1625128605099324&bg=!DA-lD0DNAAaumcC-jpk7ADQBe5WfOFKr2QMZXhZ5LSR8julVgDkzYShfdaCpKCsKw9TagMZmxeb--CpfhQHy91or7cW9AgAAAH9SAAAAImgBB5kCszUdoG4F45lfYSdKJVnJkxbLg93N5zZOF6KEl-B-QcW1U8fJ2L-Z9R-chx5IfY0LyMI2g7LyDFR8cj5hPFNcnqJd-plCGlwN8qMVmQYs6No2oDY37AWuCWMOfykn0A36J6ZUd0Xgc2i2j3KjK3urJXKhPGUwSB7euWOUJnMq3TEBeMYP4aZJ-JUTlUThmBZogRtDCAAgYldK-g2Q1Q2FT_xTqCi9TYUKrC-6F0LqvpGdbQaOqck2SpM53ZIffQrvQmWMGEyVrOnqZ6KViLsBDHySx7g75EgGWemm-yJ8ZpbSWLhnN-qY2MeoDrw4EZJet-aDAGy1DAMWMSOPAW6-vipJey2o7bMv0yJLFkR2j4uOux1I-dgXeytc8bGJRtHCGX6uJLIP8-HAooXme3llrZScMk5jEI2lKbh4VPMecJQ3Cmw-i7ohpwe_Ivy1zSlb9HIqn5bhTrGk7QXH18oLGbl5D9IjcdD2BvwJBbDJJXFmEiloZER2nlmeo8WqclxcHKtU99zuKQP6J7jDwgaCeza-74D-5eENmALxkgmj0Qj2dykcitXCcJKfLjQ15jl3fSoX0mw06tkhIhhyuiUI6TTo1lSZTj98Ce9-OBVoyuOBFOSesN1tF5mD9GjEvktiSblbH6fi6IBP-hFaTEOv21d1VB5-DWNOldqgB8c9v70gO_XdydcFobPUQr_Nu8_nE2B9h75ylx0hl3SCORvUjxQ7HjUFvFGzMM5LZpCdfwOwBjml-Wnmvv5bB5Adu_aTrmGW7WrE8M-OjMBLcvGwzvHr2s2JqV7Qy-ZuZESNiex_JXellbCb2oEeStSxRzuWHbcloBPYjaEHWws9aYybyfdHPH-bYX_9DZedXnvTYFkxYxb4ClzY9wQd7Ons3r2Ic3gyOFeSYdbFUldc_vk4__MvF1g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VII3g,pingTime:5,time:6841,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:39%7D,%7Bpiv:100,vs:i,r:,t:1833%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5008,o:1833,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1823~0,1~100%5D,as:%5B1824~300.250%5D%7D%7D,%7Bsl:i,t:1833,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5007~100%5D,as:%5B5007~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:246,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sis:658%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:07 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4840 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525570&asId=2c9dadb2-dfe4-31ff-97d1-66cb96f73455&tv=%7Bc:VII3h,pingTime:5,time:6841,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:39%7D,%7Bpiv:100,vs:i,r:,t:1833%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5008,o:1833,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1823~0,1~100%5D,as:%5B1824~300.250%5D%7D%7D,%7Bsl:i,t:1833,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5007~100%5D,as:%5B5007~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:246,fm:u0ZxSX8+111%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C1711%7C1712%7C1713%7C1714%7C1715%7C1716%7C17171%7C17172%7C17173%7C1718%7C1719%7C171a%7C181%7C19%7C1a%7C1b%7C1c*.1525570-72171815%7C1c1%7C1c2%7C1d,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sis:658%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.118.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-118-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:07 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
message-preview.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame CB92 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:07 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792153
cf-polished
origSize=40832
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 01:45:13 GMT
server
cloudflare
etag
W/"cf4a08d496f49489af30571e3cbb48f3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779c99da25a19-MXP
max-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 6958 		76 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:07 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1792153
cf-polished
origSize=78180
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 01:45:13 GMT
server
cloudflare
etag
W/"0ab357443b798b4a1db6c4f22b1590f4"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
843779ca2e905a19-MXP
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 		295 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
465124
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230136-FRA, cache-lga21957-LGA
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9WXPje6vOCR%2B8F%2FXrRDeFFHywAuIWYVOC%2BjwPh3stgWmwxuh%2BWzbJtQCdqJTC5NYZWMumn0fjgEVG%2F86PXakD1oHlzEPz2%2F4tpz1VB3CImLz8a2zsf93JIoNSct%2FiNWN%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
843779cea956ba9a-MXP
file.mp4
r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D5C2 		13 KB
14 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.108.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s17-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
797438613ca24f624cfbb4203cd9315824421963b5bc50be65e9fa461ec534ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=4309006-

Response headers

Date
Wed, 10 Jan 2024 19:55:07 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 4309006-4322611/4322612
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
13606
Last-Modified
Mon, 16 Oct 2023 12:44:01 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
Expires
Wed, 10 Jan 2024 19:55:07 GMT
v3
va.tawk.to/log-performance/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://grabify.link
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://grabify.link
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
843779cd2e633751-MXP
date
Wed, 10 Jan 2024 19:55:07 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-ffjx
v3
va.tawk.to/log-performance/ 		5 B
139 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grabify.link/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 10 Jan 2024 19:55:08 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://grabify.link
access-control-allow-credentials
true
cf-ray
843779ce58893751-MXP
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-rx6n
dc_oe=ChMIyprw8szTgwMVUHSkBB28QgfsEAAYACCjpdBgQhMIvbuS8szTgwMV9wYGAB3YDwoH;dc_eps=AHas8cA6TjDFFYU1oXOo7wW6LKhaGka4DJT2j7qRIJt8598jh3TcW958x62KKzciOPVci-dYkNna32cjdQ;met=1;acvw=sv%3D960%26v%3D202401...
ade.googlesyndication.com/ddm/activity/ Frame D5C2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyprw8szTgwMVUHSkBB28QgfsEAAYACCjpdBgQhMIvbuS8szTgwMV9wYGAB3YDwoH;dc_eps=AHas8cA6TjDFFYU1oXOo7wW6LKhaGka4DJT2j7qRIJt8598jh3TcW958x62KKzciOPVci-dYkNna32cjdQ;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D7440,0,0,0,0%26mtos%3D7440,7440,7440,7440,7440%26amtos%3D0,0,0,0,0%26mcvt%3D7440%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7603%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D203%26dur%3D15061%26vmtime%3D7620%26dtos%3D3793%26dtoss%3D3%26dvs%3D3793%26dfvs%3D3793%26dvpt%3D3793%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3793,3793,3793,3793,3793%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7440;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1704916501653;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D5C2 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cf8wGEvaeZfmNG5PU1PIP1u2L6AeeoaGuXKH56P6fA8CNtwEQASAAYPXVxoHMBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEF4AIAqAMByAMCqgT8AU_QljP2wQT-hfbIuWw3onm_z8OECfrjxXD5Plm9rLRGEYXIAJwJZTwl5P7nzMKzh8h66smzSvEjpCEqBw7mmYizOCdQWc5A6MmktWKFVTYUCxGV2qk_tDTuTqZgGsTHqPGkWJxv8FdmlImXmz0L87b8wVrBRPNuMIKUG6w6SKI7PrbTqjJEy6uTKM0RA-diDmnDc66Eqm66fexi5oDakMf3sRRumdHNEWuyNX4kH-SqbYBtuWPA9SleNt3XOuIxvIu0bnz40HiZlR3hLVxxb8x5P2akN7wUMKvkOawDDY1RoX8-_q9hPo8ztT4e-BH-DE6vUDWvtFu_VINCreAEAYAGg8Hfkdnl7-nRAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS3ojyzNODA_IIG2FkeC1zdWJzeW4tNTk0MTY1NTEzOTkyODU4NPoLAggBgAwB4g0TCOGeifLM04MDFRMqVQgd1vYCfdAVAYAXAQ&sigh=-Q-LLmiXsk8&label=videoplaytime50&ad_mt=7620&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D7440,0,0,0,0%26mtos%3D7440,7440,7440,7440,7440%26amtos%3D0,0,0,0,0%26mcvt%3D7440%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7603%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D203%26dur%3D15061%26vmtime%3D7620%26dtos%3D3793%26dtoss%3D3%26dvs%3D3793%26dfvs%3D3793%26dvpt%3D3793%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3793,3793,3793,3793,3793%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7440&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1704916501653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
noconsent
cdn.fuseplatform.net/telemetry/ 		1 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?cwvRep=%5B%7B%22name%22%3A%22FCP%22%2C%22value%22%3A%223930.1000061035156%22%2C%22rating%22%3A%22poor%22%2C%22id%22%3A%22v3-1704916495212-6822066913528%22%2C%22delta%22%3A%223930.1000061035156%22%7D%2C%7B%22name%22%3A%22LCP%22%2C%22value%22%3A%223967.2000045776367%22%2C%22rating%22%3A%22needs-improvement%22%2C%22id%22%3A%22v3-1704916495212-7767216026470%22%2C%22delta%22%3A%223967.2000045776367%22%7D%2C%7B%22name%22%3A%22CLS%22%2C%22value%22%3A%220.012249018717447917%22%2C%22rating%22%3A%22good%22%2C%22id%22%3A%22v3-1704916495244-9613823911996%22%2C%22delta%22%3A%220.012249018717447917%22%2C%22element%22%3A%22tr%22%7D%2C%7B%22name%22%3A%22CLS%22%2C%22value%22%3A%220.0850126953125%22%2C%22rating%22%3A%22good%22%2C%22id%22%3A%22v3-1704916495244-9613823911996%22%2C%22delta%22%3A%220.07276367659505208%22%2C%22element%22%3A%22a%20.pagination-next%22%7D%2C%7B%22name%22%3A%22CLS%22%2C%22value%22%3A%220.0859314453125%22%2C%22rating%22%3A%22good%22%2C%22id%22%3A%22v3-1704916495244-9613823911996%22%2C%22delta%22%3A%220.000918749999999996%22%2C%22element%22%3A%22a%20.pagination-next%22%7D%2C%7B%22name%22%3A%22CLS%22%2C%22value%22%3A%220.08756477864583333%22%2C%22rating%22%3A%22good%22%2C%22id%22%3A%22v3-1704916495244-9613823911996%22%2C%22delta%22%3A%220.0016333333333333339%22%2C%22element%22%3A%22a%20.pagination-next%22%7D%2C%7B%22name%22%3A%22CLS%22%2C%22value%22%3A%220.08848352864583332%22%2C%22rating%22%3A%22good%22%2C%22id%22%3A%22v3-1704916495244-9613823911996%22%2C%22delta%22%3A%220.000918749999999996%22%2C%22element%22%3A%22a%20.pagination-next%22%7D%2C%7B%22name%22%3A%22CLS%22%2C%22value%22%3A%220.09485559895833333%22%2C%22rating%22%3A%22good%22%2C%22id%22%3A%22v3-1704916495244-9613823911996%22%2C%22delta%22%3A%220.0063720703125000056%22%2C%22element%22%3A%22a%20.pagination-next%22%7D%2C%7B%22name%22%3A%22CLS%22%2C%22value%22%3A%220.10618372395833332%22%2C%22rating%22%3A%22needs-improvement%22%2C%22id%22%3A%22v3-1704916495244-9613823911996%22%2C%22delta%22%3A%220.011328124999999994%22%2C%22element%22%3A%22a%20.pagination-next%22%7D%2C%7B%22name%22%3A%22TTFB%22%2C%22value%22%3A%223210.400001525879%22%2C%22rating%22%3A%22poor%22%2C%22id%22%3A%22v3-1704916495212-9764416238160%22%2C%22delta%22%3A%223210.400001525879%22%7D%5D&cmpj=none&v=1&ttm=1704916510112&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=831d4d19-c30b-520b-ade1-b6d6ef560f56&fid=1218&pubid=14&url=https%3A%2F%2Fgrabify.link%2Ftrack%2F41AL59&sid=863031b68ff006702f54&srate=100&adserver=gpt&etm=20896&e=web-vitals&tenant=publift
Requested by
Host: grabify.link
URL: https://grabify.link/track/41AL59
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://grabify.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 19:55:10 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://grabify.link
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Wed, 10 Jan 2024 20:25:10 GMT
dc_oe=ChMI6Yag88zTgwMV8QFVCB3uOgMXEAEYACC-nNRY;dc_eps=AHas8cC34tzfrDxk_-qviPKlY8WgVxn3eQYJe85gML9ODpKsNKpC-M2n9I9oxTNuYYGRf8W5kC6NrJUJyw;met=1;&timestamp=1704916511558;eid1=871060;ecn1=1;etm1=0;eid...
ade.googlesyndication.com/ddm/activity/ Frame 9E9F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6Yag88zTgwMV8QFVCB3uOgMXEAEYACC-nNRY;dc_eps=AHas8cC34tzfrDxk_-qviPKlY8WgVxn3eQYJe85gML9ODpKsNKpC-M2n9I9oxTNuYYGRf8W5kC6NrJUJyw;met=1;&timestamp=1704916511558;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIyprw8szTgwMVUHSkBB28QgfsEAAYACCjpdBgQhMIvbuS8szTgwMV9wYGAB3YDwoH;dc_eps=AHas8cA6TjDFFYU1oXOo7wW6LKhaGka4DJT2j7qRIJt8598jh3TcW958x62KKzciOPVci-dYkNna32cjdQ;met=1;acvw=sv%3D960%26v%3D202401...
ade.googlesyndication.com/ddm/activity/ Frame D5C2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyprw8szTgwMVUHSkBB28QgfsEAAYACCjpdBgQhMIvbuS8szTgwMV9wYGAB3YDwoH;dc_eps=AHas8cA6TjDFFYU1oXOo7wW6LKhaGka4DJT2j7qRIJt8598jh3TcW958x62KKzciOPVci-dYkNna32cjdQ;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D11154,0,0,0,0%26mtos%3D11154,11154,11154,11154,11154%26amtos%3D0,0,0,0,0%26mcvt%3D11154%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11317%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D54%26pst%3D203%26dur%3D15061%26vmtime%3D11339%26dtos%3D3714%26dtoss%3D4%26dvs%3D3714%26dfvs%3D3714%26dvpt%3D3714%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3714,3714,3714,3714,3714%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11154;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1704916501653;ecn1=1;etm1=0;eid1=960585;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D5C2 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cf8wGEvaeZfmNG5PU1PIP1u2L6AeeoaGuXKH56P6fA8CNtwEQASAAYPXVxoHMBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEF4AIAqAMByAMCqgT8AU_QljP2wQT-hfbIuWw3onm_z8OECfrjxXD5Plm9rLRGEYXIAJwJZTwl5P7nzMKzh8h66smzSvEjpCEqBw7mmYizOCdQWc5A6MmktWKFVTYUCxGV2qk_tDTuTqZgGsTHqPGkWJxv8FdmlImXmz0L87b8wVrBRPNuMIKUG6w6SKI7PrbTqjJEy6uTKM0RA-diDmnDc66Eqm66fexi5oDakMf3sRRumdHNEWuyNX4kH-SqbYBtuWPA9SleNt3XOuIxvIu0bnz40HiZlR3hLVxxb8x5P2akN7wUMKvkOawDDY1RoX8-_q9hPo8ztT4e-BH-DE6vUDWvtFu_VINCreAEAYAGg8Hfkdnl7-nRAaAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljS3ojyzNODA_IIG2FkeC1zdWJzeW4tNTk0MTY1NTEzOTkyODU4NPoLAggBgAwB4g0TCOGeifLM04MDFRMqVQgd1vYCfdAVAYAXAQ&sigh=-Q-LLmiXsk8&label=videoplaytime75&ad_mt=11339&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D11154,0,0,0,0%26mtos%3D11154,11154,11154,11154,11154%26amtos%3D0,0,0,0,0%26mcvt%3D11154%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11317%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D54%26pst%3D203%26dur%3D15061%26vmtime%3D11339%26dtos%3D3714%26dtoss%3D4%26dvs%3D3714%26dfvs%3D3714%26dvpt%3D3714%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3714,3714,3714,3714,3714%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D787031605%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11154&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1704916501653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIkfiZ9MzTgwMVyYf9Bx21Lwu1EAAYACDYgtxhQhMIp42u88zTgwMVTAtVCB253QBs;dc_eps=AHas8cC38ruacmroPeeaQAz79Njw3GNUYekXTa8F2P3L9S1tAHKUjz3Q0BPTWXkWceSL1Sp_qxacfiCicw;met=1;&timestamp=1704916515005;e...
ade.googlesyndication.com/ddm/activity/ Frame D760 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkfiZ9MzTgwMVyYf9Bx21Lwu1EAAYACDYgtxhQhMIp42u88zTgwMVTAtVCB253QBs;dc_eps=AHas8cC38ruacmroPeeaQAz79Njw3GNUYekXTa8F2P3L9S1tAHKUjz3Q0BPTWXkWceSL1Sp_qxacfiCicw;met=1;&timestamp=1704916515005;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 19:55:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnXEBhupO96OtvPqSbQ52gkldADivvOm3vHpRaKE7h1gSGLEzvb_11XKyQj5bPM1_27kFCr0_EUgu5zdt9j4clZfz9uCqRaUCjbI5QQK3ijnYKb3M33ZEVzrGhaTN4QolEIF8S2H5zY3pnuDzPpRJ5ojR_9H8YbZ73cW5wcAGUHszJAYgrTxFN6ntEDj9D-aLuqHJ9lm2W5F6x4Oj9W7e22B8nY2mKQekIoGjX2Ryo47LG4K9uoDOhAFlkyBmFveZj1LLSevPUeEmAiXnz5YUzcLuvStcNlWbANoAwhp-3NRNstxYAPenKEDT_K-eINhFj5z0hHS4bBmpZrrWLd9mZayolAqiVP-5fcd1fvqeM2aOBndDQN07WekLszr53&sai=AMfl-YRZY_gvmbwnca0JuJrxR0sD3k9D905ikqf794Fo17W6jTNYHhO4tKpu441TVC3SoZ2YxEcDC51fdSaq2PEP9dxopofIx8DaBj2Ej8ruoH54v4MJH3iou6ab-fjhVA&sig=Cg0ArKJSzH_2995-qqyVEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH_4IvWPKUuhZaYEvZcuJX0XmqEWkUhkCxYlAXAYy-tTodDVX3TKtMQfavaUc9YVY-bwIwjh_TlDSmmEryk85ceS-oln9GP5MtnUQCHioz6o0TiRzdnfm7F1KW-9_HzODHUWtg_TRXOhSzCRZqtk3fVBIKKdk7PeL346ug1-L4s-vId0dsbKs451VEm6K2_jEjEbG4ak9HeXP2TKpR8knUHcVElTRYOPI7en137pvv-hNcWaq2V85RNgCVpmyIwsu0HQ5HmhruCI9rELKmFuiM0hUsUPhvGNP0tDQ0u-YSUHiqzo9mSzixgqNFhGvnTi-5Ts5kOjucKqDj7CinftRqoQzs-vxMUbpGK3ve4jjLhjiPgnQxbcP2w5o8oYvFc3DDv0vZhf6rMCFYUMzrmHg&sai=AMfl-YRNAidkL56lGQhzcFAU-lI4LimCSv1Gu7n3U2VsVKY4t1BOirpQ5KzSGT2-VpDzD_hJEqVxqOzsYviQIhZatfgZALZbFhvQV-ojTJao4xYmqAOVLSkgqryM3vbyEg&sig=Cg0ArKJSzE8Puml5uLY-EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuon3VWc0IBfQALbXvvx0A5T2zEzADiNPQdgp-nMEha25GR-x3lwUnISpBGpGRUaQB7YfU6LiN8oacVmYdndGRycYjPrpuFombSR21KAeT7zfbd3va0tzV8jPQtqIKlfwpF7FXt2NguKSvElOKVH8symYXq&sig=Cg0ArKJSzOpeMdf6MGUwEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=853106530&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704916499033&rpt=255&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEJcZvpsLDHT4flPXlxRyPRJu_Bf39o0PR3PND8QTNU19TaUrUkQYed5HOGNz0zoNBI1lm33JlKujBT8lDFimdZegyeklMi-ufxSy-lYs2JDp0SXxnMa5qX7T3TsFlsjBi4hf8uOAgo0frl_Rtg6upGm-L&sig=Cg0ArKJSzEYrSnw9kq0jEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1905034420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704916499155&rpt=227&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEK4o2Dp4HwxAUoFzx5Fso3o&google_cver=1&google_push=AXcoOmTReYhuE5JmkHrbK2mCENgN9mDybM7Md_9tTiloC_KWBLDgG52tNNf3QAsO7UwbE94HqNn7dBp1GFA_GnsJsm6N49XNnYyLOw
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0SN3TIhmKXO501L3Fzs2w9I3TQrtG0UNn6pVsyOjOg1JjW2Sl6VbzgCFJiS1xUAtS-1k85AwcwSjO_HY1iXg44Qm9xie9FYaW8Ci4s1CO_7oBkhsw52ZCPpu7JiqNiBVafuKydT5eGAgGUAAi7GNT2ipb&sig=Cg0ArKJSzFbRX1yPaNu3EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1708490306&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704916499115&rpt=232&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfWLsDsqsLDVTg8jG46gdZqm9NZ-S_5MxfLWQbOoOy4e9XIBJjiNdiYJpWAc9hGQA8nGQEORnfIiqPIOvBfUF_8j4ynXANMxw7x7-AOUGl6u0J76k4FZhafdxIw64F5MVWkUpLqXiGgSepdeSehJxXchXx&sig=Cg0ArKJSzGTeFFpmwcwsEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1819770311&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704916499139&rpt=269&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlR2lES1zAmLjhs_eY9ynnDjYZpgd8Z3Nv42UXsIn24vJapGQZmcP7qWRyNh6q2Gpo7nUkL9-Fxr6sf5mdmWeNIN3ndpn7O6e__jj01-Lxg7gOcWe73719zaeUCGOBnJw61iaL7xdrrF3mG4BsjF-2L862&sig=Cg0ArKJSzHCo7JP3qXVvEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=512774694&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704916499169&rpt=266&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueAGcMea8D9moErdQ0aXFC0mRd-z6U7cE3KkBj1y6POLSaW179dHjlvKea2DVAZ7gyCAUw0k5p2Bh7iXQMC7CRRzwPIvShdv07Kpn2qLsBiWTC3IrOl9Jd-EjK0AD-2bJomg70g70WBTaFdKP5eidVV38c&sig=Cg0ArKJSzM-cyngNPsNEEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1905034420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704916499908&rpt=170&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulAuoF_Q6wFartRDQ-cvTMjzC-5-1LKI5MKIf17Nj9XqJZxfi_gQK-U9uL-95EbMKFdWTc2O-40COoheP7LEfqai2WvpM8qC2S-b0iBoVF6LP4DzFTxbWrK-v-guC0EI3RKUSl_IukLbxpfntc8ZJ1qggE&sig=Cg0ArKJSzJ-2_1vD_GWDEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1819770311&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704916500559&rpt=146&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssw-d-R2gCmvG60byXkmj9NMVc6QJRkE6mr2r9wd8LIdD-POA4xQRcMSAD33nRdvfQhAa7wMoD2XqQ3W3X6h_A3_TpcAAqv_6dcsfpmNki_IoP3csFpxAbcWmspxluYH-JD58z0fxroD6peeTyJRvZA94Gx&sig=Cg0ArKJSzPHz8UPGytU7EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=512774694&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704916500918&rpt=171&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESENRrd8F8pvKnIJObKrF4Hzs&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture function| openModal function| closeModals function| validateSubmit function| formatNumber function| $ function| jQuery boolean| canRunAds boolean| gs function| gtag object| dataLayer function| QRious function| onSubmit function| loadRecaptcha function| _0x43b552 object| _0x219185 object| _0x26f3e4 function| _0x3fa7f9 function| _0x5b9d96 function| _0x1b0cb1 function| _0x2635d1 function| _0x510f86 function| _0x3be1f2 function| _0x4d5a37 function| _0x1a7bef function| _0x39591f function| _0x4f03ee function| _0x21a6f8 function| _0x39ff7c function| _0x510085 function| _0x500b09 function| _0x4eed5a function| _0x2a9a30 function| _0x43c085 function| _0x1eecd4 function| _0x1c1d88 object| _0x57a88a function| _0x151391 function| _0x4860 function| _0xd4766d function| _0x252d object| Tawk_API object| Tawk_LoadStart object| webpackChunk function| axios function| Vue undefined| hash function| continueBtn object| anchors object| anchor function| setCookie function| getCookie string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _0x2cdd43 function| _0x1b9456 function| chrome76Detection function| _0xd960 function| isNewChrome function| _0x4d2b object| batteryExternal object| google_tag_manager object| google_tag_data object| __cfBeacon object| gaGlobal object| closure_lm_841389 object| x string| x1 string| x2 object| fusePbjs object| fusetag function| __tcfapi object| apstag object| googletag object| _aps boolean| apstagLOADED object| apscustom object| ggeac boolean| google_plmetrics object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| fusePbjsChunk object| pbjs boolean| __bt_already_invoked object| regeneratorRuntime function| __tcfapiui function| __uspapi number| google_unique_id object| Criteo function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 function| __iwgtk__ function| __iwct__ object| __rfc__ object| __rfs__ function| __old__refresh function| __ori__refresh function| __rfsfn__ object| __i2w__ number| __iwuri__ object| __iwur__ object| __iwasc__ object| __iwrso__ object| __iwst__ function| __iwurff__ function| __iwurf__ number| __sti__ undefined| __st__ object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| GoogleGcLKhOms

139 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09APYnBZUCAk_YLf0X-y0WLKo9Y72no_eUzMzLLMrHy9jRttVSteg6ZBuz7y0KfZeyWNlQRZiwXwUlGtVklm5IcYw
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARD4Fg
.grabify.link/ Name: _ga_BT991JCKD2
Value: GS1.1.1704916494.1.0.1704916494.60.0.0
.grabify.link/ Name: _ga
Value: GA1.1.1320112297.1704916494
grabify.link/ Name: XSRF-TOKEN
Value: eyJpdiI6IjFYSEhTN2NBbXQvMHZ3Q3cvMnJUMkE9PSIsInZhbHVlIjoiYzZ6YUFCM2RHYTBGLzJVYloxNFF6N1gxZmJwQlZvWStPcDBEZXpQVE80TnJYUmwrM1JWbUoxVWtHZzNJT0ZIeE1LSWVLSnBYMGdTQnoyQ0poQ1hTTzBGY291RUFJdTdQVFhnMDF0Z1dCcXpLREppV3JxYkhXeFFEUTVrZkpBdFciLCJtYWMiOiIxM2I5MGFkZmRlZjMyOTE4YTBmYmFhNzA4NDlkYjFjYzlhNDFiZGFjNTU2M2RhYTFmZGQxYjBiMmVkOGE1M2FmIiwidGFnIjoiIn0%3D
grabify.link/ Name: g_session
Value: eyJpdiI6Ik16b1Q0RnRodXhjSXRDcGtIV3poMkE9PSIsInZhbHVlIjoibzVDL3RWOHNXOFJqcGRueVRJRjIvZHEyWW45dk50VlZWUEw0V1BGR1MvZG9GZWJCNnBqZSsrbkMvYjhHeWVnSElCYW8vTlNBSjIrM0tIbDMyRU95TG9jU1U4ZHNtOHBqbFNRVlhYczNQdmQ0VUhhVGJHQ3pDZG9tMCtOQzRmN2giLCJtYWMiOiI0ZGU0YzliNWRiMzFiMjU5OTg3ODUxY2U3YTM3OTRhNWNkYmQxYzY3MDM1ODdmY2QxZDQ2NzZjNDAzNTA3YWIwIiwidGFnIjoiIn0%3D
cdn.fuseplatform.net/ Name: akacd_grabify
Value: 1707508495~rv=31~id=de2d25ccdefe0e4d18a4b53d59dcba37
.lijit.com/ Name: ljt_reader
Value: H-DqsBZHonI8ZJ47TYevw35C
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 566977=5798634
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.gumgum.com/ Name: cs
Value: true
.smartadserver.com/ Name: sasd
Value: %24qc%3D1310350392%3B%24ql%3DMedium%3B%24qpc%3D4600%3B%24qt%3D73_873_939t%3B%24dma%3D0%3B%24qo%3D5
.grabify.link/ Name: __gads
Value: ID=6b1d51725ff6a40d:T=1704916497:RT=1704916497:S=ALNI_MZ5naSNjPmSA2UzWz9Ds5m7wkfY5g
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.prebid.a-mo.net/ Name: __amc
Value: 1_1704916497_1704916497
.smartadserver.com/ Name: pid
Value: 3921665730064509669
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1310350392%3B%24ql%3DMedium%3B%24qpc%3D4600%3B%24qt%3D73_873_939t%3B%24dma%3D0%3B%24qo%3D5&c=1&l=1820179689&lo=1520293480&lt=638405132975837634&o=1
.grabify.link/ Name: __gpi
Value: UID=00000d3f405cc44b:T=1704916497:RT=1704916497:S=ALNI_MYb1Dbu7KX9Z_PJl8uCjeytRvvq2w
.adnxs.com/ Name: icu
Value: ChgI8MJcEAoYASABKAEwkez7rAY4AUABSAEQkez7rAYYAA..
.adnxs.com/ Name: uuid2
Value: 4261276730387416164
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: f2039597f87c217357776fc18f758fde
.teads.tv/ Name: tt_viewer
Value: 4cd30afd-9553-4fa5-bf2a-5e6f2a1638e5
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.gumgum.com/ Name: vst
Value: e_e7dc0488-0eea-4594-b6cc-0a98b4e5f8d3
.grabify.link/ Name: _cc_id
Value: f2039597f87c217357776fc18f758fde
.grabify.link/ Name: panoramaId_expiry
Value: 1705521297713
.grabify.link/ Name: panoramaId
Value: 2ff9d5ec8c54501f9eb5de662374185ca02cf540e4af48883c07b8380396ac47
.grabify.link/ Name: panoramaIdType
Value: panoDevice
.connectad.io/ Name: uid
Value: 01e2aab3ad73a763d3d3be29f94ea8bac703df20
.amazon-adsystem.com/ Name: ad-id
Value: AzyBWc8MTkXQj6_Hn1dlYm0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMID
Value: ZZ72EsTdxh8P9zeyMg-eQQAA
.casalemedia.com/ Name: CMPS
Value: 3265
.casalemedia.com/ Name: CMPRO
Value: 3265
.openx.net/ Name: i
Value: 76a16511-438a-05ef-012d-3b6da33252cb|1704916498
.bidswitch.net/ Name: tuuid
Value: d07a02e7-9f11-4152-8204-dc68e15622a5
.bidswitch.net/ Name: c
Value: 1704916498
.bidswitch.net/ Name: tuuid_lu
Value: 1704916498
.3lift.com/ Name: tluid
Value: 4049355094611287000656
.mediago.io/ Name: __mguid_
Value: acc8ce73d32b85952sopae00lr879hu9
.openx.net/ Name: pd
Value: v2|1704916498|n0vNvQiygu
.csync.loopme.me/ Name: viewer_token
Value: 0e954c6d-461c-472e-8a13-cc56d92f0cb8
.yieldmo.com/ Name: yieldmo_id
Value: VEe9R__OOM_ie1BGpKdl%7C1704844800000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: unl%3D1184809%7Cc%3D1184809%7Ctapad%3D1184809%7Cdv360%3D1184809%7Can%3D1184809
.bidr.io/ Name: bito
Value: AAGJmE7LPewAABRdza0NvA
.bidr.io/ Name: bitoIsSecure
Value: ok
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkdmKONvbheadr-CrRMV0mUSYfD4KEdJ5HWfYtatUyfsSAm9OFRqdPNCtYzNeE
.adform.net/ Name: uid
Value: 9137344626810906505
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9751CC68-3D62-4259-91DE-A54BCBD0BACD
.tapad.com/ Name: TapAd_TS
Value: 1704916499080
.tapad.com/ Name: TapAd_DID
Value: 4e375814-5774-445a-a5a4-ee9354addf5e
.media.net/ Name: visitor-id
Value: 3479180990041155000V10
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.dotomi.com/ Name: DotomiTest
Value: 23b27d5e64461914
.ads.yieldmo.com/ Name: ptrc
Value: CAESEK65Vl0BNgWrVmzJZM8UmFE
.ads.yieldmo.com/ Name: ptran
Value: 4261276730387416164
.liadm.com/ Name: lidid
Value: c914b96a-9739-471c-9dca-d52fb923f4d5
.weborama.fr/ Name: AFFICHE_W
Value: SalUm2tkrGlJ41
.simpli.fi/ Name: suid
Value: FE721A3DDDE64E31BD9FAC6D37C1BAD4
.audrte.com/ Name: arcki2
Value: g58QScVyKonRxalSL79RkAfOQ!20220908!1704916499551!ip#83.173.209.251
.audrte.com/ Name: arcki2_pubmatic
Value: 9751CC68-3D62-4259-91DE-A54BCBD0BACD!20220908!1704916499551
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENCEFfG27TrPusuOSXqLCKU&KRTB&23025-CAESENCEFfG27TrPusuOSXqLCKU&KRTB&23386-CAESENCEFfG27TrPusuOSXqLCKU
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-9137344626810906505&KRTB&23263-9137344626810906505&KRTB&23481-9137344626810906505
.audrte.com/ Name: arcki2_ddp2
Value: g58QScVyKonRxalSL79RkAfOQ!20220908!1704916499675
.audrte.com/ Name: arcki2_adform
Value: 9137344626810906505!20220908!1704916499864
.mathtag.com/ Name: uuid
Value: 77ae659e-f614-4b00-b80e-c5e00b9cdb8d
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:77ae659e-f614-4b00-b80e-c5e00b9cdb8d
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b027dcad-66b8-4dc9-a441-6a22d91889db-003%22%2C%22nxtrdr%22%3Afalse%7D
.doubleclick.net/ Name: APC
Value: AfxxVi7d2Eq8TH9JZJm82Jx1zMXrzb0Hh2ZfJU8emL8p8FyQ_wQVGg
.blismedia.com/ Name: b
Value: 659EF614E29DAC57072DA391BLIS
.w55c.net/ Name: wfivefivec
Value: wkhiIcG81RnEFe5
.w55c.net/ Name: matchgoogle
Value: 5
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b027dcad-66b8-4dc9-a441-6a22d91889db-003%22%7D
.turn.com/ Name: uid
Value: 2387311952291215964
.ads.yieldmo.com/ Name: ptrunl
Value: RX-b027dcad-66b8-4dc9-a441-6a22d91889db-003
.zemanta.com/ Name: zuid
Value: YTocNtfhanXtf6jbLOhz
m.exactag.com/ Name: exactag_new_gk
Value: 3b143c2e85504ffb90ac093e4b0ccfb0%7C10.03.2024%2019%3A55%3A00
m.exactag.com/ Name: exactag_new_uk
Value: acc8deadd4264ea69fdbc3d6f8e50185%7C
m.exactag.com/ Name: session_session
Value: 27dd416486804143a0a0fd9c
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22FC9922CC-6854-4D99-379D-2DFC6572D4F4%22%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-47565e1d-963c-47d9-6207-2e3b1758d3f7.KqLtBIPGKerSchJurr%2FpmKT1pjIjrEgTl88KTbeZpWI
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-47565e1d-963c-47d9-6207-2e3b1758d3f7.KqLtBIPGKerSchJurr%2FpmKT1pjIjrEgTl88KTbeZpWI
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AR1ZeHZY8R9liBy47F1jT9w.gxgXLpABcYMQMgX79ffoC%2F03RFX8iV7gPYjswwGu6Es
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AR1ZeHZY8R9liBy47F1jT9w.gxgXLpABcYMQMgX79ffoC%2F03RFX8iV7gPYjswwGu6Es
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDuW3Z6KVUWUbhh_3EqIdAb3V5Y8XNmzHmIVEuxyf0XpEHwYAiCU7PusBjoEbw-3YkIE3fN-xQ.bT%2BFOC2cZqlOKyE7S%2FPmYqF%2FBW%2FtL9ehJ75bJttMS8I
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDuW3Z6KVUWUbhh_3EqIdAb3V5Y8XNmzHmIVEuxyf0XpEHwYAiCU7PusBjoEbw-3YkIE3fN-xQ.bT%2BFOC2cZqlOKyE7S%2FPmYqF%2FBW%2FtL9ehJ75bJttMS8I
.smaato.net/ Name: SCM
Value: cea8a33fc4
.smaato.net/ Name: SCMt
Value: cea8a33fc4
.tremorhub.com/ Name: tvid
Value: 19563eb842b345458b23b260e2ab4ffc
.tremorhub.com/ Name: tv_UIDF
Value: CAESEF1xQu-CVi7x2wQWKSstaHU
.tremorhub.com/ Name: tvssa
Value: 1704916501165
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVQevTwg!]tbPl1M>e)ZlrFUfJ+tGXxpWKz`A!IjNJtYMEfNFlC+yM$d)'X^X(=c]tab3If)y3KL9D3I?+oa21Y:
.ctnsnet.com/ Name: cid_3e904dd08e8440dabddad7286ba28096
Value: 1
.ctnsnet.com/ Name: gid_CAESEMhgIhRjU8XV2suykKatk7o
Value: 1
.uuidksinc.net/ Name: jcsuuid
Value: kc1dw7KpvvfSZrdXLHjj
.go.sonobi.com/ Name: __uis
Value: cc66ad2d-3985-43c0-8884-8fee449e377f
.go.sonobi.com/ Name: HAPLB8G
Value: s8550|ZZ72G
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZ72FQANin93EABd
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156011:4
.pubmatic.com/ Name: DPSync3
Value: 1706054400%3A226_219_197_201_245_241_235_227
.pubmatic.com/ Name: SyncRTB3
Value: 1706140800%3A35%7C1706054400%3A54_251_8_71_56_220_21_3_13_7%7C1705449600%3A223
.tremorhub.com/ Name: tv_UIGL
Value: CAESEOTsdbfE7uCr8UEUYyUgluQ
.yandex.ru/ Name: yuidss
Value: 2593480631704916502
.yandex.ru/ Name: yandexuid
Value: 2593480631704916502
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4261276730387416164&KRTB&23339-4261276730387416164
.onaudience.com/ Name: cookie
Value: b651756cdccbd741
.onaudience.com/ Name: done_redirects104
Value: 1
.semasio.net/ Name: SEUNCY
Value: 9E81EE1B28A89E5E
.onaudience.com/ Name: done_redirects219
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yl~2g3v
.quantserve.com/ Name: mc
Value: 659ef617-0b475-06409-a8778
.yahoo.com/ Name: A3
Value: d=AQABBBf2nmUCEK2JTto1WgnlsO6kdJedf6MFEgEBAQFHoGWoZQAAAAAA_eMAAA&S=AQAAAmKUcRXrTftt4s5D-jD6hrc
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-odgEb_HbDD263V8-oNgQOqHZDTO6jAU9oNV2Sg3k&KRTB&19420-odgEb_HbDD263V8-oNgQOqHZDTO6jAU9oNV2Sg3k&KRTB&22979-odgEb_HbDD263V8-oNgQOqHZDTO6jAU9oNV2Sg3k&KRTB&23462-odgEb_HbDD263V8-oNgQOqHZDTO6jAU9oNV2Sg3k
.pubmatic.com/ Name: PugT
Value: 1704916503
.zeotap.com/ Name: zc
Value: 7aca9bd1-4597-4ce2-4ff5-b62191a0bc99
.zeotap.com/ Name: zsc
Value: %C9%9A%2C%D2%80p%DE%8A%D7%96%7C%7C%3D1%F2_%ED%DF%CC%8C%DC%C0%BBJ%9E%15%1BP%3C%2B%95DM%F3%A4%EE%9D%BC%F2%9A%1F23%A3%81%A6%09%E3%C6%98%14%E5ub%0F%3D%ADT%E9s%F3+%CFe%02P%A6%D0%2A%8D%B1%9By%93g%02%A4%B2B%E5%BFB%B7
.pubmatic.com/ Name: SPugT
Value: 1704916502
ads.smartstream.tv/ Name: DID
Value: d8a8cbc05c4cb42f87c6f0b12e632bf0
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.quantserve.com/ Name: d
Value: EJ0BDgHvKoEO-TA
.adnxs.com/ Name: XANDR_PANID
Value: ct4qtKSY2TohJUbONVTASTu-Xhe0qOx8dazAtKoa8u2zsu4W2CYrDH83vunJN_rqk9JSIU5NgMXY3Bb_iQ0YeGYbBre30o0DZt4021lEvgU.
cm.adsafety.net/ Name: UID
Value: CM1202401101955f9a7916b1d322cc5d
.adsafety.net/ Name: cm_uid
Value: CM1202401101955f9a7916b1d322cc5d
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvdmhGTEM0SUZ4dm13a2NMNjRGN204bjZ4T2lpUCtxbEMxQUw5TGNDUkRpNjNDYTJzamVudnB3SnVGNktDMmptRlZ0WlFuSm9ZT0Qvc0NPL2dKMFhtTFhmK0ZvVit0QjB0V2JPM2pyRTY3ZFJJOGQxdXBUSnVwVGc0UC9Nak1LSWoyaU5QUXY0TUtCK20yMzA0WDhONzltVEhPbUN4VlBjZm05K3AreUliRzdHUU1WWGdPdmE3R3hlRjFMRjFhQnlMWFMvOXdwTnRVUHhlY1BpakhKS2NPZ0d4VWpyUUl4WllpWnlVS01zQ3ROb3oyYk1hYUw5ekU1dWtvaDdidS9yVUN5Nnp1Vi91dnozdXNUZHRTcjgwMDJlanczbktOK1czUklzaXpMdFpWNFNBTk13aGhYb2ZxUFd3Zk9sUTgxUEZRPT0%3D
.adsby.bidtheatre.com/ Name: __kuid
Value: e1bee232-1bd9-4126-b56f-e315a145417c.474130504
.de17a.com/ Name: guid
Value: 1.366674971312900556
.bidswitch.net/ Name: google_push
Value: AXcoOmSu37GPJO63MF3pqfAbpUhaTe-8xppjG0Ec9Y2O1Mkar112T4X5D_N2ztMuredkh9eYueIWuq0TMTo2IFw3Glx-6ASAmYzvAQ
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22FC9922CC-6854-4D99-379D-2DFC6572D4F4%22%7D
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: amntuJy4ZawFBA9MAIAno9DCm3beUvIHr6Xg763T2iHo9ZbxiUGFWrjQXZbJf80hTTtEXxfDVPGmu1DNY4dakdhbrOS
grabify.link/ Name: twk_idm_key
Value: 7lVZ5fuTOraAhKgwUZCdr
grabify.link/ Name: TawkConnectionTime
Value: 1704916505569

8 Console Messages

Source Level URL
Text
rendering warning URL: https://grabify.link/track/41AL59
Message:
[.WebGL-0x398001f3b100]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
network error URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEK4o2Dp4HwxAUoFzx5Fso3o&google_cver=1&google_push=AXcoOmTReYhuE5JmkHrbK2mCENgN9mDybM7Md_9tTiloC_KWBLDgG52tNNf3QAsO7UwbE94HqNn7dBp1GFA_GnsJsm6N49XNnYyLOw
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESENRrd8F8pvKnIJObKrF4Hzs&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
Message:
Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH
network error URL: https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
Message:
Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH
network error URL: https://r2---sn-1gi7znek.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C80C656A6CE3198A3864AB3469E5E8652007590.78658087711BD2CCE85EDF04EFF836F2408F1E1A/key/cms1/cms_redirect/yes/mh/OY/mip/83.173.209.251/mm/42/mn/sn-1gi7znek/ms/onc/mt/1704915554/mv/u/mvi/2/pl/23/file/file.mp4
Message:
Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8c64c8513ed48455c35d61879fc36997.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a5220.casalemedia.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
ads.smartstream.tv
ads.travelaudience.com
ads.yieldmo.com
amazon-tam-match.dotomi.com
an.yandex.ru
analytics.pangle-ads.com
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
btloader.com
bucket.cdnwebcloud.com
c.amazon-adsystem.com
c1.adform.net
cc.adingo.jp
cdn.fuseplatform.net
cdn.jsdelivr.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
cms.quantserve.com
config.aps.amazon-adsystem.com
cr.frontend.weborama.fr
cs.chocolateplatform.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d.turn.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
embed.tawk.to
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g2.gumgum.com
gcdn.2mdn.net
gcm.ctnsnet.com
glookup.info
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grabify.link
gtrace.mediago.io
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.connectad.io
i.liadm.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
m.exactag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mwzeom.zeotap.com
neural33.cdnwebcloud.com
onetag-sys.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg-apac.smartadserver.com
r.turn.com
r2---sn-1gi7znek.c.2mdn.net
region1.analytics.google.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
trace-eu.mediago.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
va.tawk.to
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cs.chocolateplatform.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
sync.search.spotxchange.com
104.16.57.101
104.16.85.20
104.18.25.173
104.18.36.155
104.21.25.19
104.22.24.131
104.22.50.98
104.22.54.206
104.22.74.216
104.26.3.70
104.26.8.202
108.177.15.154
13.248.245.213
13.32.22.213
13.32.27.108
130.211.23.194
134.122.57.34
141.226.228.48
141.94.171.214
141.95.98.64
142.250.181.226
142.250.184.226
142.250.185.170
142.250.185.193
142.250.185.206
142.250.185.66
142.250.186.131
142.250.186.162
142.250.186.33
142.250.186.34
142.250.186.38
142.250.186.66
142.250.186.72
142.250.186.99
142.251.173.154
143.204.215.88
145.40.97.66
15.197.193.217
151.101.2.49
172.217.16.195
172.217.18.4
172.217.18.6
172.64.151.101
172.67.38.66
178.250.1.11
178.250.1.3
178.250.1.8
178.250.1.9
18.173.187.118
18.193.58.13
18.197.202.18
18.245.86.8
185.64.189.112
185.64.190.78
185.64.190.81
185.64.191.210
185.89.210.212
185.98.54.153
193.108.153.12
193.108.153.23
193.135.9.126
193.135.9.134
198.47.127.20
2.18.96.187
20.127.253.7
213.155.156.164
213.202.235.9
216.200.232.253
216.239.32.3
216.239.32.36
216.52.2.86
216.58.212.130
216.58.212.138
23.218.209.56
23.52.123.144
3.75.62.37
3.76.149.124
34.111.113.62
34.111.129.221
34.149.20.76
34.240.111.87
34.96.105.8
35.186.193.173
35.190.0.66
35.204.158.49
35.214.144.54
35.214.168.80
35.244.159.8
37.157.6.243
46.228.164.11
46.228.164.13
46.228.174.117
5.196.111.65
51.89.9.253
52.17.148.138
52.197.237.41
52.208.118.80
52.210.103.224
52.210.29.170
52.222.239.116
52.46.143.56
52.58.140.226
52.87.8.97
54.154.107.3
54.201.118.64
54.210.107.216
54.72.123.219
54.75.58.229
54.81.187.36
63.215.202.137
64.202.112.95
65.9.66.122
67.220.228.201
69.166.1.67
69.173.144.138
72.251.241.204
74.125.108.199
77.243.51.122
77.88.21.90
85.91.45.134
91.134.110.132
91.228.74.244
95.101.196.17
99.80.24.194
99.84.88.50
99.86.4.71
0157f7dc40b6d1f11a9fbbc78050716bf696c588b83bb21d13bc32fa8e9ada2c
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03bb6578455e42604d7d7c5c216591a23942b6986d20a60da8aea895b7bbcd3e
051dd37d5fa5cd6b4aa88b2eb0c26fea5893717c938f92106c9d8ed66f55e8af
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08d23b6bda160d3543c4d2f34d302c6941dd0dd70b333a5b02c671ed843dd380
090c61f18902068e7d07239736997f1a94127d66c7af445a95f6dcf77515703e
095f3056fe0b1444bf1d15d9ed841ced55a0f20c48b531bb00abf878b61c274d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9bd520cf2c03793934666d9f14668fb58ef8ab26eaa818ca7c03c647904a07
0d63da8e04beb35a5c4e53c8a84ab700f8c9a14528d08c272b42e3a343e77828
0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d
0fafebe2bd3d5c2274764e25c340e8d83a18cbee83349ffdbcab89e676e564d8
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a267c20208e56ca707bb022b70b7c7708b951ce1f9717becd94405983b75f8
1b24a71d6c9a806e5b2a4b1d7bafcd847b61d5217be1be57329ef0254d5bf160
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c229e59da3e7db8ea3ac10fda40d79d399da450275ad25d009f41641986c57b
1ca7faf07bfa3245a65c7fa49eb49bce95e31a30d33cdc67fadd6670a50c67a0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e92c8948a71a4b8435fdc957984bd29bf2e158bd04f9fbb631b416aa7ecd0c8
1ea7d896f41826cb8a2b63ae74f16ea0b280e605370539c3a2ba623f28cdf774
1f264f55c458c3e092b8d562e3805e2904ca9f797696e734afe3e7b6710d7608
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21183b38bf88f31bb2640e1f798cef48fcd73b13de5405061b7dc48769f95ea6
2142b46e9d361b98bc264dc4ed891060a62677ddbb0f23b9c20f21b5ec0e47c2
218d4a52f3b07e829f1eb3a233a2399c73cc8c07061c0fdd5b4a86268a0c1fbc
221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83
22bd450fa24010af890c6586bf2ba358e09c4871faa44e408a5bb22514da03fe
24e7dd5a8c012fbbb65fbdeec736abe39b8f056da36c38efe662f1d126cb53da
252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d
2696d11bd83d1a705038b931de9c6a8e95e43fd79b3b6999fb7b5ad20429472b
28fd4537f97937a66f5fb708c99aa823bbbbcfac033cbaabd0710422b46d6e92
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
29d4394c58c409ee52b6e3d61d01117819fc8ccbf9cef8a24123d16df443d84e
2a3387c0ded718861e49bafc66b028a1f5335afa6ecac37a1afee5d5825f52a3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5ea17e1328be2057e94106d268cf6fe9ba4dc95c2aaa3ecc7b23afcec36ef9
2f95e7d1f5ce4a8c3ddcf39809cfba9e024255b0200c015482b7405bccf21c13
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
303de2fa51c0159bb08fedec14ed162e0368756501e54c37f7acb4663acda1d3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
321738689190dd5c7f85b17eea02c4c28f54e716a36a3a04146e7f58d5bd2fb7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
349e73c520216b45426d4702078175eb23522185867797d0de20c56a92960eaf
35025ebb992e9ae52824cf5e272b7213e1424f9274b8e23ed53b2d32588c31be
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf
3c7788279482ed1279eba2d842093bc6a3ffe2d493f032c127a45749f5b44047
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40ad67d06519a22417ff121bb7176695e975cb9357a3a61c1e8822e9ed193d47
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42dc4a2eea1119e413b10d6ac344f6a261d85c81a4198104692a4fb1432b17fe
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45e828ba57984706b3248c6355ac48302906bd5bab647b32236196939c4cc75a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dc97396d32894040e2b66903e1de10a2a3c369785ae2cc3073a651adc79a37
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49197fdf28ef66458948f5c58db85bd8d4b1f72aa8bdb9fdcd1cd2319571600a
494e2cc25216c748be4a85e81747d923c42ffb56de687ce6a18538382111e22c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca438c5c77001c3baa59827265fcf28cfba2909df0d730356cdb8523eafef06
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70a90172dd2b2a28a2e74cafc507ace479dd958af8a22dc09c2554ce45fe6f
4ef6db15dc2cd523ceda17dbe96d06a3eb3812f214c0b2e35f9bf929719da720
4f592678971e1352cbe2647a6551a37f055e5db589d9c6215efa7b5c181cbdb3
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
512b9ab20b47b80daea2bd987e3af2f502af87f57b3eda5a5f75b0d432ac0a88
5272189a7369d1a16586ca3f266bf66033d8b722f645c4d3e2018d6cf06e2bd8
5310c328dbae70ce3e49ce1910261c80667e8525d1f2f5ca45a1f5d2a6125dfd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e55a263a6e449016622cd68d5e2bb2a8e6db8448645fef1aab14b1f868f553
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57aad5a6a41ce2e55ddfd78acea0519999ee42d02ea8d3ad577aee01b6b077a3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e2192ec24e4b219b3cf1b1ecf35c496b121c70b3570f5388893c05b6b9a6078
5ea8eeb895c23a186758a52f6a4fbf4ab7224f3c2aa58091dc134ab3accb42e1
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
5fee4064714573f6383c4d0a771f200e5ed14d83ec8e640f9855c8496bea482f
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
613e41d55d626878e4214a5ccc86076eb694d71bbef90472950a773960ae9de1
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628c8d3cb1313c8e1ddd8a1b30d8e4bdefd280fd47103344e7c03edf5ea0bb4f
64f3e0ab3e58213744ab82fd4170e95504a0d5eba25594f42e292b8f104a8293
6555d1243e4d5475720ccffbecc70070f3f15f0c73a08490e46f7dca4d118256
65623973184dd1b2d95ea6ac7807905cc3355ee1cdd938a451d337688f1690b7
68b1e556697895ec0eb0236a939907e9f428b97ec20a903d3a6c689adffc862b
69c55fc6396f6aa848f35eb3b0f5078730a4805f746a9743ccdd58bfd8d74d2f
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6afba1a11e41d2d4c6238629c5c39f4c621dc3ba946438e98996cf68a1559172
6c9b6ade974a8bb123931e0d2d9e08f5e8ee2d89efce99a8558a4fb8a610fa33
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
778c4356087704d1125583004b45a67e4c803c12a922a528131a44b49d9bcac1
77c93ffea4131e015a9f071744eb997b65bda488834510efac7df72009134f49
7819fd1f26d30293d552d59793e00ff2c402b3521af30a5b7ba6be3873d55984
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
789bd27140047af9fdc857db7edd9c82ad0bf4bb7f0dfcfe88c1895797f338b5
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7918c11540b6af0cacaa0f1f239997bc39adadd2386fb48adb1b9fce697cb6a7
7929a4da51b811df7fc746c9d3774cf065c31685f1ef58651f947cd719ff04b6
797438613ca24f624cfbb4203cd9315824421963b5bc50be65e9fa461ec534ed
799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85
79e25514f8e3c2b6cc4959648570da0012773be1804e9e005d3b24313c0910b6
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7cbf453d798d89c6f09c21a8b7a9fb4105935908140f341ccd4a850b571bfe3d
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7fc96c14f8de30465d739851fe764f0bd5948c526f0d0ad7f73ddf9296f0a507
810c0d3d04c86558ae865a3404f2f1533112b12ec1dc47801c81c932034fa01b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
870f5a1a5e5fd0b82fc34c742d58016bc25527b5afca1827997731d25b7e6757
894c9cfd847ba9231f088cfe0649d2aa81c38da89adc413c36a3dc39b10676fc
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89d538c36cf602eba0a7634d92b4ba8fe05a79bbd7c2721f490bcf993ba3ebf6
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
9000a06682403f26d74736054dbf2a1105a8f47de6dfedb87dc2b7b239e92d04
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
928e02add69a4cbcfb68389bb04b37819d741d5676fe813948dd77c871dfe179
92ef8aaff0d634472d555329eb2848579c637297ec749ce1f59f32c3dc1aaec2
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
94ae356754546254db594155d7b423b920a237d367dfebae35af67a5fa1b11bb
95635cff5d46677f348c8953f0e9f6d785f783ab2dcf0a53af7fb6649a145c4c
9610d91b2505c3f9fbd010468a91459fceb859dbd8e43c70e583645b609c7a80
97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5ddae69102aa426017582a473e0eee873a17358630031c94818bfbf1bc005f
9c10c88ed20928a67c7617186630e1da72909034ff10e6b86a03cad1fdcdf8d7
9c569c261c41b31c2276272b5674348c5e57225792b895da525861557d34b6ee
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e9e87a8dc7c0571cb208d47bccbe8f9e6c505c77a0deb992f4bb753b8036b73
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0bc8ef234af9121f388ab48a75bc4c05f6a947d85df79ded0deba4c3a46954e
a20249c6850cd8e85038af41b4cf69791a9a563d823829153320ae479521ea19
a32034f1a6a78a94a792021a838bdc2a75dbb07e4c699984d4a89ff96480482b
a4d73bb86fff11e4634ec386619ff2c77371db4929269b8db5b841a11e4a5bcc
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5486555a7dd9df318317f1ba5f3159f5fb3211a797551ac9a0b83bf439e98e0
ba1cef82ea17d6d550a9a7771f1f7ee5d555d510aaba8f007fecc6832e8b3772
bca13f093afb3b9125c81a5735a3b12466ee2bc8240b330e2269858a8ec11edc
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bf0284bc0b11ba844c9074746ea96fa987ef1f48173241620191a09248433ec1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c251dc3074b41f2e40cd1ed0dfc204005c9d179280cea3a25dd109e4d6c583c7
c2733c444c10951bd668a825e22b131b4b934fc8d2464105659d67dc81ff3f04
c27a5d30472dba14fca6cf0355b73a4209e7260a27f1b1711a034e799edd10d5
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c67818aa139491b43700b145cabf6a154b1c2117e55a72370968a95fdfeb5b61
c849f624e9a3f7ecf31b8ad911cc2fca2c66ea1d5b596845f55e9034ced55aba
c9c112105553d821d7df56e2670a2dc551c7c586561650c73b90f3c1e1f31062
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
cd748f56bf11ef77334d8b052e0cba9516a857e01cafc58d723348ffd0040f5a
ce00a1d0fa4952890885e0c1e0d75a651d957e670d8242824c0aa63b0689eea4
ce7f2d3494b71218513452d0008db7f4ce2cc40f3fc5a76addd3dccaaae01e96
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d02aa6c3ae2f5437578c6644a1237636315ceacf8000379a2757f7ca85d49760
d07fc9ea3fd684b11d7bddd0cb4ec188e8c6b5e119de8ff6511d0d2a16a34144
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5fb3dde4fb8a635ced4abd35dd9a3dcab999288a46159e7aa0c2e6234e5888c
d7649b98329d7d6ed965de40e31d15f8a565e84a126ef5babf81a7f796032fa3
d85bbda5bcdc2fe150f2fe0768a4ea8f14b3c24cf6136d1b16b8f4091c723aa8
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
db99dcaf40a926181bce4522477c2efc5924f6c4b29111b6a97faea477c9528b
de65fe178ff37377c8d3210ce8c5131184689caf095b29557344f2763097ba37
df4519044da92ab8d07e35055830fcbdb5ffc9a5696e34415a380e5fc09f9b4c
e0858cce8f7c711ef2a0ee1a5bc9282b9831c477ce1058ee388d35268b7c916b
e0e8b227c432e553f717e858786d42c2c893c0da9e0ecbed5d885f7dcd2ffdf5
e17c8707c78fa22d1802c3d82945cc0bce27a79c8df3505fd85aab74e8c996bb
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e447ee4df3219da6719b4398eb71308bd05f59452ea6324491e5cc1ff3f707ef
e55c8e386feb7ab5b0e0c19ae9f62ba01df6ba913d1e2a5805593e0b42577004
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6142458f283fe2e0c59e699d50f22a68b5ab808ea0b3be30d469ec376bb6722
e72b2c6a46d235fa300b88febd0a0396357a3bcd543421e637a2e3412b5bd739
e7c5aa6d0357b62b02c6b097ded7dace2d7d73c9d3182ab4769d6d885d42df3f
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d
eac0c631ddbc34d157ed2540ac260a689e9b2c39dbe878f771791ee8e209b06b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed5fe0679d21ebb66bcf48897c0fe19c6b42ab4169babc6bfa589df5b10310c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5dafe5eaed774ece1224014fc854b80526ea8d9b2a4dbf49790cb37948b921
f524881f9f7a3b33e83fc0db0e23c43c2aeef52b3d642846d77c00e1aa80ae7c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f5d1ddf07b366f0a15eee8163a798d36603a5b39726a3835033aae9502c30afb
f5ef4b7e387cca4f9890c187bece4b126c43dd22850f98bdfa57511dbea3e3da
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f827590e45ab44665694d4a65fa9d97907f56f61bbf1b9830eca6aa24d9f00fe
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fc48643d0ba513aedf1c305b8a0f9c72f2a73d935ec52ca53bec89ca67758201
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663
fd0200bf8e901ea3273a090ba8933e863781205ebda362ec23a01ae8492f4adb
fdbaf446a18be2829f6500078e51a46bea93f0b7ff9bb634b959f9e3aa9042a8