urlscan.io logo urlscan.io
SecurityTrails logo

chatliv.com Open in urlscan Pro
2606:4700:3032::6815:489f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://chatliv.com/
Effective URL: https://chatliv.com/
Submission: On October 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 15 countries across 67 domains to perform 329 HTTP transactions. The main IP is 2606:4700:3032::6815:489f, located in United States and belongs to CLOUDFLARENET, US. The main domain is chatliv.com.
TLS certificate: Issued by E1 on September 1st 2023. Valid for: 3 months.
This is the only time chatliv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
25 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
1 192.0.77.2 2635 (AUTOMATTIC)
38 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.212.201.72 16625 (AKAMAI-AS)
12 139.45.240.92 57304 (RUBY-AS)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
10 2a02:2638:3::3 44788 (ASN-CRITE...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
1 65.9.66.104 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 52.48.43.143 16509 (AMAZON-02)
1 162.19.138.120 16276 (OVH)
2 3.71.149.231 16509 (AMAZON-02)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
3 34.98.64.218 396982 (GOOGLE-CL...)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 151.101.194.49 54113 (FASTLY)
12 29 142.250.185.66 15169 (GOOGLE)
4 15.197.193.217 16509 (AMAZON-02)
1 1 3.69.18.113 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 37.157.6.243 198622 (ADFORM)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 2600:1901:0:7... 396982 (GOOGLE-CL...)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 35.204.74.118 396982 (GOOGLE-CL...)
4 4 213.155.156.184 1299 (TWELVE99 ...)
5 9 50.31.142.191 22075 (AS-OUTBRAIN)
3 5 104.18.26.193 13335 (CLOUDFLAR...)
3 4 37.252.171.149 29990 (ASN-APPNEX)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
2 23.32.185.35 16625 (AKAMAI-AS)
1 178.250.1.6 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
10 94.130.102.164 24940 (HETZNER-AS)
4 5 142.250.185.198 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 4 138.201.63.165 24940 (HETZNER-AS)
3 138.201.84.252 24940 (HETZNER-AS)
1 3 104.64.118.247 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
2 4 2a01:4f8:d0a:... 24940 (HETZNER-AS)
2 49.12.22.42 24940 (HETZNER-AS)
2 2a0b:4d07:102::1 44239 (PROINITY ...)
5 145.239.193.130 16276 (OVH)
2 3.9.163.207 16509 (AMAZON-02)
2 4 142.250.184.198 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 2 52.18.6.202 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 2 134.122.57.34 14061 (DIGITALOC...)
1 1 154.59.122.79 174 (COGENT-174)
1 13.230.249.13 16509 (AMAZON-02)
1 2 51.89.9.253 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.66.147.120 16509 (AMAZON-02)
2 99.86.4.94 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
5 2600:1f18:1ac... 14618 (AMAZON-AES)
4 13.43.78.194 16509 (AMAZON-02)
329 81
1    2606:4700:3033::ac43:98b9 (United States)

ASN13335 (CLOUDFLARENET, US)
chatliv.com
6    2606:4700:3032::6815:489f (United States)

ASN13335 (CLOUDFLARENET, US)
chatliv.com
25    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
6    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
38    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    23.212.201.72 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-201-72.deploy.static.akamaitechnologies.com
s7.addthis.com
12    139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)
notix.io
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
12    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
10    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2600:9000:223c:ee00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
10    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2600:9000:2250:a800:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
5    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    52.48.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
12    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
21    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
29    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
4    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    3.69.18.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-18-113.eu-central-1.compute.amazonaws.com
d.agkn.com
4    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2a05:d01c:1d8:8102:75d:875c:7927:eb04 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
prod-rtb.ad4mat.net
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
4    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
9    50.31.142.191 (Hickory Hills, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
2    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
10    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal9000.redintelligence.net
5    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de
hal90005.redintelligence.net
3    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal900024.redintelligence.net
3    104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
partner.blau.de
4    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
2    49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de
futalis.de
2    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
5    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    3.9.163.207 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
track.webgains.com
4    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
8019191.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    52.18.6.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-6-202.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    85.114.159.93 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    154.59.122.79 (Secaucus, United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    13.230.249.13 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-249-13.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net
analytics.webgains.io
2    99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net
cdn.track.production.webgains.team
3    2600:9000:223f:d400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    2600:1f18:1aca:4281:6748:a747:845:71f5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
4    13.43.78.194 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-78-194.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
64 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
518 KB
62 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
ad.doubleclick.net — Cisco Umbrella Rank: 173
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 286096
333 KB
25 demand.supply
live.demand.supply — Cisco Umbrella Rank: 48122
42 KB
17 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41903
hal90005.redintelligence.net — Cisco Umbrella Rank: 267977
hal900024.redintelligence.net — Cisco Umbrella Rank: 280236
429 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717
csm.eu.criteo.net — Cisco Umbrella Rank: 9249
247 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 34439
ad4m.at — Cisco Umbrella Rank: 12024
assets.ad4m.at — Cisco Umbrella Rank: 44524
527 KB
12 notix.io
notix.io — Cisco Umbrella Rank: 14097
46 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2714
adservice.google.com — Cisco Umbrella Rank: 118
2 KB
10 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1153
static.adsafeprotected.com — Cisco Umbrella Rank: 720
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
102 KB
9 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
4 KB
7 chatliv.com
chatliv.com
37 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 33897
api.webgains.io — Cisco Umbrella Rank: 91885
37 KB
6 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 51750
medialead.de — Cisco Umbrella Rank: 51384
3 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
ads.eu.criteo.com — Cisco Umbrella Rank: 9209
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275
59 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
446 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
295 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1906
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
us-u.openx.net — Cisco Umbrella Rank: 547
1002 B
4 gstatic.com
fonts.gstatic.com
59 KB
4 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 164332
11 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
3 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
1 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
2 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
72 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
593 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6147
777 B
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 49
36 KB
4 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183
52 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18074
2 KB
3 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 5736
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
9 KB
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006
6 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
489 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
996 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 59583
4 KB
2 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 270642
2 KB
2 futalis.de
futalis.de — Cisco Umbrella Rank: 354180
801 B
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 83080
735 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 82854
515 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1584
326 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 161993
static-de.ad4mat.net — Cisco Umbrella Rank: 206436
4 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
1 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
30 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 8646
44 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1393
684 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
584 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 178172
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 93025
1 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 121204
493 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
5 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 2075
297 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 796
731 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
544 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
104 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
463 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931
3 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1319
5 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
603 B
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3381
362 B
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 4163
35 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 925
29 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
329 67
Domain Requested by
38 pagead2.googlesyndication.com chatliv.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
29 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
25 live.demand.supply chatliv.com
live.demand.supply
client
21 tpc.googlesyndication.com googleads.g.doubleclick.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
chatliv.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
12 googleads.g.doubleclick.net www.googletagmanager.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
chatliv.com
12 notix.io chatliv.com
notix.io
10 hal9000.redintelligence.net 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
hal90005.redintelligence.net
hal900024.redintelligence.net
10 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
10 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
9 b1sync.zemanta.com 5 redirects chatliv.com
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
8 www.google.com chatliv.com
googleads.g.doubleclick.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 chatliv.com 1 redirects chatliv.com
6 assets.ad4m.at as.ad4m.at
6 www.googletagmanager.com chatliv.com
www.google-analytics.com
adv.office-partner.de
www.googletagmanager.com
5 dt.adsafeprotected.com chatliv.com
5 pv.medialead.de hal90005.redintelligence.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
hal900024.redintelligence.net
5 ad.doubleclick.net 4 redirects 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
5 imageproxy.eu.criteo.net ads.eu.criteo.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
chatliv.com
5 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 api.webgains.io analytics.webgains.io
4 fonts.gstatic.com fonts.googleapis.com
4 8019191.fls.doubleclick.net 2 redirects chatliv.com
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
4 cdn.retailads.net 2 redirects futalis.de
4 hal90005.redintelligence.net 1 redirects 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
hal90005.redintelligence.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 d5p.de17a.com 4 redirects
4 um.simpli.fi 4 redirects
4 ad4m.at as.ad4m.at
ad4m.at
4 s0.2mdn.net googleads.g.doubleclick.net
chatliv.com
s0.2mdn.net
4 match.adsrvr.org googleads.g.doubleclick.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 www.google.de chatliv.com
4 maxcdn.bootstrapcdn.com chatliv.com
maxcdn.bootstrapcdn.com
3 static.adsafeprotected.com fw.adsafeprotected.com
chatliv.com
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
3 www.awin1.com 1 redirects 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
hal900024.redintelligence.net
3 hal900024.redintelligence.net hal9000.redintelligence.net
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
hal900024.redintelligence.net
3 fonts.googleapis.com 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
hal90005.redintelligence.net
hal900024.redintelligence.net
2 cdn.track.production.webgains.team 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
track.webgains.com
2 analytics.webgains.io track.webgains.com
2 adservice.google.com 8019191.fls.doubleclick.net
2 onetag-sys.com 1 redirects 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
2 match.adsby.bidtheatre.com 1 redirects 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects chatliv.com
2 track.webgains.com chatliv.com
2 adv.office-partner.de hal90005.redintelligence.net
hal900024.redintelligence.net
2 futalis.de hal90005.redintelligence.net
hal900024.redintelligence.net
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 c1.adform.net 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 ups.analytics.yahoo.com connectid.analytics.yahoo.com
googleads.g.doubleclick.net
2 oajs.openx.net 1 redirects chatliv.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com chatliv.com
www.google-analytics.com
1 cc.adingo.jp 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
1 ums.acuityplatform.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 medialead.de 1 redirects
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.conrad.de as.ad4m.at
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 rtb.nl3.eu.criteo.com 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
1 static-de.ad4mat.net as.ad4m.at
1 ads.eu.criteo.com 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 ag.innovid.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 mug.criteo.com chatliv.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.analytics.google.com www.googletagmanager.com
1 s7.addthis.com chatliv.com
1 ajax.googleapis.com chatliv.com
1 i0.wp.com chatliv.com
1 code.jquery.com chatliv.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
0 sync-dmp.aura-dsp.com Failed 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
329 97

This site contains links to these domains. Also see Links.

Domain
sulvo.com
www.facebook.com
Subject Issuer Validity Valid
chatliv.com
E1		 2023-09-01 -
2023-11-30		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
notix.io
R3		 2023-09-15 -
2023-12-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-04-14		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-09-26 -
2023-12-25		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.futalis.de
R3		 2023-10-13 -
2024-01-11		 3 months crt.sh
adv.office-partner.de
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
pv.medialead.de
R3		 2023-10-12 -
2024-01-10		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2023-09-13 -
2024-10-12		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh

This page contains 42 frames:

Primary Page: https://chatliv.com/
Frame ID: 296B07B21358A6E31786B920A1CD92F0
Requests: 91 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 76F2A10117AD21D2CB1A0A782CFF8C0A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Frame ID: FCE2A152BA445EEEF6CFBBEAF52361E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&adk=1812271804&adf=3025194257&lmt=1697708573&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fchatliv.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773145&bpp=2&bdt=307&idt=182&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=360x280&nras=1&correlator=3230657768437&frm=20&pv=1&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=195
Frame ID: AD79156B1B2E267BF731B08EFCD2A00A
Requests: 1 HTTP requests in this frame

Frame: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC47620593A7A0B38D5FDF3E849BA86E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=chatliv.com
Frame ID: 9571F620A0EB2F62C39E44C101C89AAE
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 188DE79E112ED753284201DE303314FD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kswj7s7m0r9a2d4hft593egnpay4wpvv19we8y94ek7h1cv1d6mbjd85bvwzn59s8cergcar2dt23xfprbbbywq8j8fwh7sb6r3j9nne520hjwwbyphk5c4way7epyqzyh31cpygs6tewmxt11g0regaf7ezhz9hkte8fdk3a9tt8vbhhj8vc6m7n1mjtwnww87qrm9605tzqrcn7bsegs5ered7ap8d9vfssjhj5nd8mr1yrah9zr7kn0qg1z2v87zfqctnkzdyr9ax2ca8zeqyn5xqq3cawxmrmtnvkskt9wnxt1cjxpn8n7xazpcjsb82n93h11t7w7fgas56maq5h347d43wj5gjvh9wv50vzrpphvjz11mce3zyk76bnfnaqcb7f9fqnwbv3xv92msyjm4ynvesca67vv5eqy3y39jxejva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%26client%3Dca-pub-0352306366460691%26adurl%3D
Frame ID: 896492A0CE4331E3EF41D2F3D5E2AA71
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Frame ID: 355B2C70D89C0236ED3D52C086CDE32A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD6316BE6B527AE34A259C406DDEB755
Requests: 9 HTTP requests in this frame

Frame: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B40CB8DDA0C7792EBD0E5889C3B3E762
Requests: 21 HTTP requests in this frame

Frame: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74D1F4BE845C4D71F067BF4E5C756761
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVjLRGwR9dsvAtkPo61g5MXj-WpnuX64l0J7_gX3slg2qdIf-019C_XY-D_NQlZAM_hy6D2Z79XDQwEnttHsh6U8V6zEjtHDHbQeL3pfui8bJFHYm5_LwyjcFVDLPQJ9tlMJL2nPCLGedv3a_qXRKHpJmvONNlkilVPSkIYtvZ7QabKdlYA08mxSwQ1DH2QJrOlE7BNDzrKVc9WuMRmdl5n_9Dirg
Frame ID: 5387B8E80664C9E9CA2BA8AC4758208C
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 45AD0F5829C826908E27C73FAD2780E5
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 61664FE1C26121CBDA9754B2FF6A3742
Requests: 7 HTTP requests in this frame

Frame: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 543ACA0AE8BBB76B5A37480CE4BB8166
Requests: 24 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F83439CAAF90DC2C79EBCF3BE91A6A7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVpDiYlq8ekBSdlaHtPYKDHVOdjmKmqOWCBqvokEPJ_osok6aN4IQGDjBsmiTmmvU_1dYj4M2y2_tbGzPiKNHjZboH2j0-lu3eLscFP8N2SOG88_cQAzWNoGkwDbfU9zD2U7ttVAzIBl6FF10k6tTx6qK2eVcBRTNVoJVnpPisUVDbhsz1apYKV7YfDbzB9jlsAKF_VyHK18cqUp6w23drBfL0Tgg
Frame ID: E42528F4E4E01DE12628412C796968B7
Requests: 5 HTTP requests in this frame

Frame: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 412F91E17D7EDBDB97A1F9DC67923B4E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNW4WehzPgJEf1f1PDNKG5PWOXohaxeKQN801KaYCApOu2Uhu9xf1vz5E-uZFRKeFNLz9bH6IZ0iL0vBMPXp2hbDm3ZBrfzxu9_SnkPswhfnqc6n-aiu2AsgwapvQstj1yZZ9iGPs5kzAAR-QPSuMIlAbFMvDZnRiYP2V9FvGdtmLIiF97rj5Y_iRF2eyhflVCcz7BZ4IaVuvi7PdUHycPaJFbM_9A
Frame ID: EF7936F3CCD15BCD8553A1DF1BFFACA2
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A085DCC43345F789FC77D8CB55BB7A78
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5D707B8AC1C691278F7531CD925E434A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6CAB95AE346B8D8B417EA5EB10AE3671
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Frame ID: 9F6B67B3C537C6D3AB13A4273567B2BC
Requests: 11 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748772
Frame ID: 0CAA46C8E75E681951DCB59E46A25185
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 695352DF539E1F92EAC2C69E9E8CDE8D
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=53971600077471404445004012482005&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 792799C899D4A4AADF7C8F83659C4B51
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJTiwo2EgoIDFWwHogMdDZgH0g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571
Frame ID: E452BE0E3909D89EBDE7C55BD5869F59
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=53971600077471404445004012482005&a=73486a9a
Frame ID: A3CDFE9B5B4F362386EC77DBC1312BB1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 00F3CA5E34EB587EA15D8E4B03BC0C29
Requests: 7 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748771
Frame ID: 5E1866C90C72B8173F457374FC67B00D
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 4EE2488037D5EACE61F7B4D54F9B695D
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=71658000069294604445004012482024&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 6042701A5F919D3F58829A027B626761
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2A5F02E46277D2005EA55E06590DE353
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7EEBE6A4B0E230999769B8384D48DF66
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/index.html?ev=01_250
Frame ID: BD69257DC4BBEAAB37BBC790AF70DE1D
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 268720B3F8824B31B503E68CE5A0B9D2
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKGw6Y2EgoIDFa4PogMdXRsEEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622
Frame ID: B1353486A53FD8F5DFB53880EAC01817
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=71658000069294604445004012482024&a=b3e8e188
Frame ID: 7FD1EB94087F10B560FA6BE121B76822
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08D3BF5C6A6C4ED0CF442CCD459F159D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B7C1932D1D47BE26AA7A49E1F053CFB7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C3AA8BF6F9532D3F5C3ED15E3CD4004
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chatliv.com - Stranger Cam Meet

Page URL History Show full URLs

  1. http://chatliv.com/ HTTP 301
    https://chatliv.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

329
Requests

89 %
HTTPS

50 %
IPv6

67
Domains

97
Subdomains

81
IPs

15
Countries

3534 kB
Transfer

7983 kB
Size

52
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chatliv.com/ HTTP 301
    https://chatliv.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fchatliv.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fchatliv.com%2F&rid=esp&cc=1
Request Chain 86
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=chatliv.com&sn=ChromeSyncframe&so=0&topUrl=chatliv.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=6QH8SHxIUFVrMHFaRmw2U2s0anhodHJyeWpHZVNQdkJHdU9MU044aElxOTFwekUvcnpjeURtaFMvVnh2ZXVPZFRhRjRzaHhBbUo0aVZQdUdlellHeTlQTVBCUnJiemJ3dWVTaERlN3dQdzlna0xnM21vTmVNZS8wY0hVRkgrandyL20rRURGU2VsRlh0NDhpcmZESG1ML1JLSVR6VHMveElKdTNrb0hvYVRycm5MNXdvekl6Z1c4K2JmZ29peTZ0U3Z4Nkd2b3NJcWtGUW1GNjZNYW9YOWYzckZmWm9XblhMNFIyK1drNmV6N29WVlg1T2N4T00xZWJVOC9PYzJvOUFEam5GMllLRi83YTU2VlJLWlFxdldKeVBXUT09fA&cppv=2
Request Chain 95
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKVOf8V2oxFejW_aWzgzQH8&google_cver=1&google_push=AXcoOmT8v9qS0ASalL21BabnuQfYqH5DXDWvPrLWps9U6Y-iWdWDenSpjkUjj1RCZhTJ305L3pgWEpEOQ3Rru3LUypX6J6C17FR9p3A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKVOf8V2oxFejW_aWzgzQH8&google_push=AXcoOmT8v9qS0ASalL21BabnuQfYqH5DXDWvPrLWps9U6Y-iWdWDenSpjkUjj1RCZhTJ305L3pgWEpEOQ3Rru3LUypX6J6C17FR9p3A
Request Chain 97
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKn0j1HUi0NIPANvqlcbw_g&google_cver=1&google_push=AXcoOmSxFzAxEARDe-lXl5zih0lWaJMJaXt1MKu1Gvvk3tN3qj_8V4BQVaW0NHP3GIxH3PXaYj7VGkNY0VoLrY1GthinmMEmt_Xa4A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSxFzAxEARDe-lXl5zih0lWaJMJaXt1MKu1Gvvk3tN3qj_8V4BQVaW0NHP3GIxH3PXaYj7VGkNY0VoLrY1GthinmMEmt_Xa4A&google_hm=Q0FFU0VLbjBqMUhVaTBOSVBBTnZxbGNid19n HTTP 302
  • https://s0.2mdn.net/dot.gif?google_error=5
Request Chain 98
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECCKOJNQ46x4HRdlAso0O24&google_cver=1&google_push=AXcoOmSSG2jURNpuOpuRQWdlT1FQKVPRmjMAjHZbpCDQJpLi4og83CADYAQZsIx1OhzOEvqOzyautqKp7fuolUTbyC412oLFzULHAfI HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECCKOJNQ46x4HRdlAso0O24&google_cver=1&google_push=AXcoOmSSG2jURNpuOpuRQWdlT1FQKVPRmjMAjHZbpCDQJpLi4og83CADYAQZsIx1OhzOEvqOzyautqKp7fuolUTbyC412oLFzULHAfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg4NjMwODk5MTc0MjczNjQzMQ&google_push=AXcoOmSSG2jURNpuOpuRQWdlT1FQKVPRmjMAjHZbpCDQJpLi4og83CADYAQZsIx1OhzOEvqOzyautqKp7fuolUTbyC412oLFzULHAfI
Request Chain 132
  • https://um.simpli.fi/gp_match?google_gid=CAESEAJsiWiM-HVWJ8oyUInJFIE&google_cver=1&google_push=AXcoOmT08F4pVmuHwTZ4mYNgUePDqUGg67RPH2P8Ck8QwUC6L88OwdSkEHrQTyXDLMccRt9iEaR7Cuk_tkGeeKkOOtk2o5r9wq0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmT08F4pVmuHwTZ4mYNgUePDqUGg67RPH2P8Ck8QwUC6L88OwdSkEHrQTyXDLMccRt9iEaR7Cuk_tkGeeKkOOtk2o5r9wq0
Request Chain 134
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENIq3FZwvd9acw0m0kAme7I&google_cver=1&google_push=AXcoOmQyppZ7qafSCBGuB40WE11M2k7TwKynSiraFqe0Za_xBw5RRER2SP9Lwrg7PJiIkLiLY85qiKPKZtsV5FJMFhteT1Q8wMRk HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESENIq3FZwvd9acw0m0kAme7I&google_cver=1&google_push=AXcoOmQyppZ7qafSCBGuB40WE11M2k7TwKynSiraFqe0Za_xBw5RRER2SP9Lwrg7PJiIkLiLY85qiKPKZtsV5FJMFhteT1Q8wMRk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQyppZ7qafSCBGuB40WE11M2k7TwKynSiraFqe0Za_xBw5RRER2SP9Lwrg7PJiIkLiLY85qiKPKZtsV5FJMFhteT1Q8wMRk
Request Chain 135
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_cver=1&google_push=AXcoOmTCMYLY-qbJP5LTsVMLJc7YmcDXCMKcJi9OzFcqEekl8C8YPUYCPeKULGR1GOUWxU-rwBZjJX1XV9vc7DolkchCW9QGncqT HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_push=AXcoOmTCMYLY-qbJP5LTsVMLJc7YmcDXCMKcJi9OzFcqEekl8C8YPUYCPeKULGR1GOUWxU-rwBZjJX1XV9vc7DolkchCW9QGncqT&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCMYLY-qbJP5LTsVMLJc7YmcDXCMKcJi9OzFcqEekl8C8YPUYCPeKULGR1GOUWxU-rwBZjJX1XV9vc7DolkchCW9QGncqT&google_hm=MnB5UTEwQjYtb1ZHenI0MHFiOU4= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1&C=1
Request Chain 148
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTEWPoQokV8Zhf5r42NtowAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENL4U7ApOTa6In1ERsWQ0QA&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENL4U7ApOTa6In1ERsWQ0QA%26google_cver%3D1
Request Chain 150
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM2ODMzMDQ4MjczNDUzMjMzNw%3D%3D
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKr9s2HSGxEgS0yUOeHkC-Y&google_cver=1
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIbltGw5AsMX1OGB2XQc3O0&google_cver=1
Request Chain 200
  • https://hal90005.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPwjMPRYxZZvNNZGdlQf6sJfQB6blvaBpzZGcp8kP8C4QASCVm8ohYJWCgICUB8gBCakCBx2cGeCrsT6oAwHIA5sEqgSOAk_QREurRDg3bnVPmAn1FTiROLJDXPAMK3jb9QCqjg9VwF39dI5kmT2M1miMEltwkFrPmdL1UxHnv_Z1VFz1cuqI9ARd45nB5EULwHM3424NtmpIs9epNYFag5N3chiky3fp9khY1EK8c6MO0xCpJ5GukalcoceHity-VBENhD5SLThwWvyZNAGa_QfPrQ3cqC7e054qw8tEkbpBH5Cd8rYXJI_NIzn_oJV1HW30yRcVRAOZK9oSfdiRzxd_5E92JNoNgHRwBkbc89eZ4Y3fyRZHf4cCVIh9qaiQthzCfR0ythvdvYJiMDjCel83-bA7DXORraY6dEpevVnNIwSqrU1rEqIWtfehaQ1gr7guisAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzc5MDc4MzY0NDgzNTc2MIAKA5gLAcgLAYAMAaoNAkRF4g0TCJq4hY2EgoIDFZFO5QodetgFerATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE%26sig%3DAOD64_2khui6y5WEEezcKL5I-fp_wmsWQg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A8pN2UtWAwMsXx46lRO0Z5IyABFTr2bCZ_S7xqmcwtpYJmai3HMb_a1IpiGOKFFyvVDb_WNVLnKReTWSf0DJee_dWBpwa43Nrhz3pASd6jsENEwEL1cnKVMYABxkL0wlhGsTxyiKQ5NDcEEavXMEwCuiP6EmQGz00UPzJr2bbAv7D_Yyg%26cry%3D1%26dbm_d%3DAKAmf-DPICXZSHOp4U2B4JuGoWMZo_AgZYyCoh6_HxwKd-qVzpF4CfmLpXNnLuecSQ2b8lrTSuc0WPHALSwXyJOcSegeDvY4yVqQpeffewYGI9oqKfvKWtgejr0J8f86P6jrmXCLg_a0LYCPu4em14c38TiyhKRD2NOVaJluX2OPqam8S9UXso66M1ii5EpjJHTiyQeNkCNm3pV8dPVfs_chDfC6XZmuQht_cjBUok3DWsRsUzHlu2INBlZR274cuziNHN0sFkyofBHU_qO5YlwjXl3QoZRrE7Fl2Yq-9J4xeCmR_pIKBClg6uiAYEgzj8cxWt_ssqd0MbYwdWv3faQ-rf3H-tt1nFtNNIFhJ6qrgZVLEDxKfVDDxDIz9gSebEnby-pPSCw3yJaVx_Q8wqIuDGpIXvoqlwILJVX0HuInZyrDbPo_hPUHlfVWX1jY_M4BObYyd5fZKMBkT0eBxHbnHunX4ampxTczQ3cr-2T8h4HXJCW5u6hhe6sy0RKyRWUkNvw_se-00cri490TG0CAw4J3zvCoiZTCxjMI5K4Qou4bQ6BNlxA%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=6910047604267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90005.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPwjMPRYxZZvNNZGdlQf6sJfQB6blvaBpzZGcp8kP8C4QASCVm8ohYJWCgICUB8gBCakCBx2cGeCrsT6oAwHIA5sEqgSOAk_QREurRDg3bnVPmAn1FTiROLJDXPAMK3jb9QCqjg9VwF39dI5kmT2M1miMEltwkFrPmdL1UxHnv_Z1VFz1cuqI9ARd45nB5EULwHM3424NtmpIs9epNYFag5N3chiky3fp9khY1EK8c6MO0xCpJ5GukalcoceHity-VBENhD5SLThwWvyZNAGa_QfPrQ3cqC7e054qw8tEkbpBH5Cd8rYXJI_NIzn_oJV1HW30yRcVRAOZK9oSfdiRzxd_5E92JNoNgHRwBkbc89eZ4Y3fyRZHf4cCVIh9qaiQthzCfR0ythvdvYJiMDjCel83-bA7DXORraY6dEpevVnNIwSqrU1rEqIWtfehaQ1gr7guisAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzc5MDc4MzY0NDgzNTc2MIAKA5gLAcgLAYAMAaoNAkRF4g0TCJq4hY2EgoIDFZFO5QodetgFerATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE%26sig%3DAOD64_2khui6y5WEEezcKL5I-fp_wmsWQg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A8pN2UtWAwMsXx46lRO0Z5IyABFTr2bCZ_S7xqmcwtpYJmai3HMb_a1IpiGOKFFyvVDb_WNVLnKReTWSf0DJee_dWBpwa43Nrhz3pASd6jsENEwEL1cnKVMYABxkL0wlhGsTxyiKQ5NDcEEavXMEwCuiP6EmQGz00UPzJr2bbAv7D_Yyg%26cry%3D1%26dbm_d%3DAKAmf-DPICXZSHOp4U2B4JuGoWMZo_AgZYyCoh6_HxwKd-qVzpF4CfmLpXNnLuecSQ2b8lrTSuc0WPHALSwXyJOcSegeDvY4yVqQpeffewYGI9oqKfvKWtgejr0J8f86P6jrmXCLg_a0LYCPu4em14c38TiyhKRD2NOVaJluX2OPqam8S9UXso66M1ii5EpjJHTiyQeNkCNm3pV8dPVfs_chDfC6XZmuQht_cjBUok3DWsRsUzHlu2INBlZR274cuziNHN0sFkyofBHU_qO5YlwjXl3QoZRrE7Fl2Yq-9J4xeCmR_pIKBClg6uiAYEgzj8cxWt_ssqd0MbYwdWv3faQ-rf3H-tt1nFtNNIFhJ6qrgZVLEDxKfVDDxDIz9gSebEnby-pPSCw3yJaVx_Q8wqIuDGpIXvoqlwILJVX0HuInZyrDbPo_hPUHlfVWX1jY_M4BObYyd5fZKMBkT0eBxHbnHunX4ampxTczQ3cr-2T8h4HXJCW5u6hhe6sy0RKyRWUkNvw_se-00cri490TG0CAw4J3zvCoiZTCxjMI5K4Qou4bQ6BNlxA%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=6910047604267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOZZZTJ0Nxp0LgZlzc99evc&google_cver=1
Request Chain 212
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1697715774_a4677791-6e74-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 215
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNaGu42EgoIDFdvLEQgdUvYA5Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101913425489824668815X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023101913425489824668815X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Request Chain 218
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKmIu42EgoIDFczAuwgd_pMNwQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023101913425489824668817X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Request Chain 222
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=53971600077471404445004012482005&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748772
Request Chain 226
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CJTiwo2EgoIDFWwHogMdDZgH0g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571
Request Chain 228
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53971600077471404445004012482005&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53971600077471404445004012482005&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 232
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=71658000069294604445004012482024&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748771
Request Chain 244
  • https://um.simpli.fi/gp_match?google_gid=CAESEAJsiWiM-HVWJ8oyUInJFIE&google_cver=1&google_push=AXcoOmRBtbHkE6qa45v-8FahoAQQu_l7IaWXzKFJKOchAa4IjjsMfd8_m5DzU2nDh49Z_Z5d3ojvA6BjuBl9yrmO-Ythbfg1cg83 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmRBtbHkE6qa45v-8FahoAQQu_l7IaWXzKFJKOchAa4IjjsMfd8_m5DzU2nDh49Z_Z5d3ojvA6BjuBl9yrmO-Ythbfg1cg83
Request Chain 246
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENIq3FZwvd9acw0m0kAme7I&google_cver=1&google_push=AXcoOmRIlDnH6-1Jpbmqg4nbLb6BFhqJM5kwCwsbZp7Y7lbsnMe39CB8dgg3VAzcssooNe3CVBZG4ZLgaIJ82BtuJo9XkniDmdI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIlDnH6-1Jpbmqg4nbLb6BFhqJM5kwCwsbZp7Y7lbsnMe39CB8dgg3VAzcssooNe3CVBZG4ZLgaIJ82BtuJo9XkniDmdI
Request Chain 247
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_cver=1&google_push=AXcoOmRgJ-D_0schBJ8KISAffTdYowS1E8ySRVkOWawxLyzZtW3LCx0_WYXUr1isaJ4vKTAs4K4WkZ4f-Y6Ueaos778_NPx_6i4B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRgJ-D_0schBJ8KISAffTdYowS1E8ySRVkOWawxLyzZtW3LCx0_WYXUr1isaJ4vKTAs4K4WkZ4f-Y6Ueaos778_NPx_6i4B&google_hm=MnB5UTEwQjYtb1ZHenI0MHFiOU4= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 261
  • https://um.simpli.fi/gp_match?google_gid=CAESEAJsiWiM-HVWJ8oyUInJFIE&google_cver=1&google_push=AXcoOmT841qo9GLl-JA0lv53zM7Lr_oYQSv678GKW2_UoG2N2hzPTNNbFWec5Gq8EKCva5fASODNdTBaqnfzHxVtveE8cD2OdRKv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmT841qo9GLl-JA0lv53zM7Lr_oYQSv678GKW2_UoG2N2hzPTNNbFWec5Gq8EKCva5fASODNdTBaqnfzHxVtveE8cD2OdRKv
Request Chain 262
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEH8wu2rUU8gui_4zDClYEAo&google_cver=1&google_push=AXcoOmShecEak9if5GVIafPsaAe71DzA_B7RkXzsVmO56fzhVRPlEK54K1_npirIua__2qvHG0O4G9Pdaw1bmgXCWTTInHGoyZ2F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTYzMzcyNzI2MjU1NDI1Ng%3D%3D&google_push=AXcoOmShecEak9if5GVIafPsaAe71DzA_B7RkXzsVmO56fzhVRPlEK54K1_npirIua__2qvHG0O4G9Pdaw1bmgXCWTTInHGoyZ2F
Request Chain 263
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEKUmQHKLj9OlQ9AG6ghhsko&google_cver=1&google_push=AXcoOmQYZSyi2vFc0ERKhICYfx3ctsEmVZvDN93aKaGLpwshViR6M8IsAdSwTxs7CMLkkfQbDxKX_TKgdlwACV3pPsrIjq9toZ_r HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQYZSyi2vFc0ERKhICYfx3ctsEmVZvDN93aKaGLpwshViR6M8IsAdSwTxs7CMLkkfQbDxKX_TKgdlwACV3pPsrIjq9toZ_r HTTP 302
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_error=5
Request Chain 264
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEFrFO7VzFkFkSsgk5mdd7iA&google_cver=1&google_push=AXcoOmTIf43gOvX9KD7Cp7n2fDQxEZ-gTc0M8LPynnbbHw7aJ6Fq7slPeDaId0p6LBm2vhlcrYNTgkKijIvZkvHd49mR9JIoanwx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=842309638650&us_privacy=1---
Request Chain 265
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_cver=1&google_push=AXcoOmR4sBhGt0A5V_28Fbt8Wo2XqnrqpkpTR1rxbEWch6dpkPyVNsJ061lLzRrRt6otwHJOw7YPuW417PHyAZKZUe7_wmWCalTm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR4sBhGt0A5V_28Fbt8Wo2XqnrqpkpTR1rxbEWch6dpkPyVNsJ061lLzRrRt6otwHJOw7YPuW417PHyAZKZUe7_wmWCalTm&google_hm=MnB5UTEwQjYtb1ZHenI0MHFiOU4= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 267
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMsTtrk0BZP9iqDQl6psaLM&google_cver=1&google_push=AXcoOmRu5miue4N8MNM0atJcqJ5cO_82NyuLTK1qkW9WxmG0k3VXHNoCT474lzU7QN99KR6IOu2zNQ2HeEAb64KWSg8Uexsv_u30Aw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRu5miue4N8MNM0atJcqJ5cO_82NyuLTK1qkW9WxmG0k3VXHNoCT474lzU7QN99KR6IOu2zNQ2HeEAb64KWSg8Uexsv_u30Aw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 285
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20606889740&bidurl=https://chatliv.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hdWCxkrVZtYTNcGeJmIWV1&adsafe_url=https%3A%2F%2Fchatliv.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fchatliv.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F4c560110518f56e101f4975428091992.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4c560110518f56e101f4975428091992.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:e1c3b2a2-eb3a-e00f-209b-e68136c3efe1,c:ruD12S,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-jqpgh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:190,mot:0,app:0,maw:0,fm:tT8ens3+11%7C12111%7C12112%7C1212%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a1*.1350098-69352127%7C1a11%7C1a12%7C1a131%7C1a14,idMap:1a1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:232,oid:a479c78d-6e74-11ee-aac1-3abce519d101,v:19.8.439,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Request Chain 291
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKGw6Y2EgoIDFa4PogMdXRsEEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622
Request Chain 301
  • https://um.simpli.fi/gp_match?google_gid=CAESEAJsiWiM-HVWJ8oyUInJFIE&google_cver=1&google_push=AXcoOmRcBKuLkXSG0-U1vdpviQUP_theekjuQtS2KC8Kyb1l4l-4DmHl-UG1P3INnupsG0fziLVU_6krmc3aMLWSP5FDzb3ahFK_uQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmRcBKuLkXSG0-U1vdpviQUP_theekjuQtS2KC8Kyb1l4l-4DmHl-UG1P3INnupsG0fziLVU_6krmc3aMLWSP5FDzb3ahFK_uQ
Request Chain 303
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENIq3FZwvd9acw0m0kAme7I&google_cver=1&google_push=AXcoOmRQClpSGGIyxM3tohYN8daQ-RsQOf1iMPyDCTezXsXtVKDSawj355H7ZWPO1nwcVrYfoKNM8lxdZUc-h3qiAEDodkzXGq2p HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRQClpSGGIyxM3tohYN8daQ-RsQOf1iMPyDCTezXsXtVKDSawj355H7ZWPO1nwcVrYfoKNM8lxdZUc-h3qiAEDodkzXGq2p
Request Chain 304
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_cver=1&google_push=AXcoOmRRLLcXUKxsT1hKAdw9fdlieFcUwD8Ip0x7QJoEKqrTul25Kplff03KZ5Pwxm7TWYUYUMXIT2gT_aKEuOVJ-1hY4u3UqDwM_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRRLLcXUKxsT1hKAdw9fdlieFcUwD8Ip0x7QJoEKqrTul25Kplff03KZ5Pwxm7TWYUYUMXIT2gT_aKEuOVJ-1hY4u3UqDwM_A&google_hm=MnB5UTEwQjYtb1ZHenI0MHFiOU4= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5

329 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
chatliv.com/
Redirect Chain
  • http://chatliv.com/
  • https://chatliv.com/
27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:489f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d334df00f4c06c653ae77c7d4b57631f288349d9655595f48d8948e551aba277

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8188c29ac8e21e5a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 11:42:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWh%2F6x5c2HsFj1YYZSS22u%2FxC89Qg9YA60tDJmKfXFZOqXNl5g01I%2FykQaqfxvlOOatVm%2BxK%2B5WxGW%2BjS37O7i9Ce6%2BsVoZmBu52LTRgf6wOFktMu2UEFnXmfC7pccjTr5Rwkuw6nCGK%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
8188c29a8ffc383b-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 19 Oct 2023 11:42:52 GMT
Expires
Thu, 19 Oct 2023 12:42:52 GMT
Location
https://chatliv.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qllcY7soDJlTN%2BUjYRAeNC731ro%2F5q5orzly8B%2FuCtwVT%2FrKR6PW2wICdo7vwjoKKcXfXRitRSMio3%2B40YrCjYkf6lzkw%2FsVKvDHafDPZHMlQNjQ6LSRH%2B7oP5Dp8PAzvKwpFYbXrDUv0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5a6fbaa920c1f326651df1e4e178b20f2da992f3138fbbd43187b8665d8a4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HAAPFKXS6C0TWVX10X7HF12W
date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
cf-cache-status
HIT
age
758
cf-polished
origSize=4393
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"6eaa5f6c66d357f2e362fb93e5e9eaf5-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
8188c29c79f39950-FRA
link
<https://live.demand.supply/impl.v17.15.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/Y2hhdGxpdi5jb20v>; rel=preload; as=script
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		148 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-973279083
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a77c253ce99b99e005fd080095a4bd9b4c9c92a0fec86df39aad10088f60fdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57784
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 11:42:52 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617, 617
age
15115218
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f3a3007506374a305b1a96efe5ee1490
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8188c29c69f13809-FRA
cdn-requestpullsuccess
True
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601
age
22494497
cdn-cachedat
08/03/2021 14:28:52
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
233034c782d990b78bed051616b3c337
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8188c29c69ef3809-FRA
cdn-requestpullsuccess
True
style.css
chatliv.com/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chatliv.com/css/style.css
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:489f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef9615b30ad8d3d8e071cc2104757773df7ff0180959eb06539d07ab6fb3f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Jan 2021 12:25:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1738
etag
W/"60057e3b-2211"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfN6TaITX%2BOyOmnT4GmO3BfJNPoetaHpTLOjCxyy5ES6f5dpeOdWJAm6zArFQTJwcsZTKRJ9Rmpy%2FRzEGlxKXqQm05S9N9jiZAxv32OSN2KwzWepMDdJdtr5l0OQDpd7GFpPz6iP%2BV9mDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8188c29c4acc1e5a-FRA
alt-svc
h3=":443"; ma=86400
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://chatliv.com/
Origin
https://chatliv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2811973
x-cache
HIT, HIT
content-length
29811
x-served-by
cache-lga21935-LGA, cache-fra-eddf8230128-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1697715773.863092,VS0,VE0
etag
W/"28feccc0-14e4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1, 607982
chatlivlogo.png
chatliv.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chatliv.com/img/chatlivlogo.png
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:489f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
155fc008867152c45e68a0481738af5a804781993b899ad8e33e7beb8c4bb1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2017 08:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5516
etag
"59f6df5a-bb8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSJERmZIv7wNBVfCKEkJDAL0K97q%2FtQP24Q52S8U0sJNoPglB%2FO0EZ%2Fe%2BuWkQyPbACRdXP3o7or9HUdW4SlEyjgp5jP10KtfvsR4FCbdrmZjNxJv3HXI6xZmaTl8Hb6%2Fn1wms9%2BURkg8Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8188c29c4acd1e5a-FRA
alt-svc
h3=":443"; ma=86400
content-length
3000
web-camera-icon.png
chatliv.com/img/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chatliv.com/img/web-camera-icon.png
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:489f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf894d16c9e6adda881d224b711ab3375d4a988c79883bbd869d7bd6dc9c903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Jan 2018 16:41:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2872
etag
"5a4a64d3-3488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsBX8Gv9SyPWQreQ84gTsqMWmFLw5J64F%2F7k4eUJdwYwutKmvScLBpb30QUoZIOW%2FyLgUnJQBRj%2FFqQ7ChSkN8N3JnVDv8tBL7jFz9pC3915yDsK0qNsd8w6rf7L%2BeBNIIl%2F4vzNVSK3yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8188c29caeaabb41-FRA
alt-svc
h3=":443"; ma=86400
content-length
13448
Chat-Folder-Black-icon.png
chatliv.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chatliv.com/img/Chat-Folder-Black-icon.png
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:489f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10985b55208ed558f31aa58dbee1dfb726eb45934517cf387af98ad9f35d3742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Jan 2018 16:41:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2872
etag
"5a4a64d3-13ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BinincWbPCTf1%2Fo769bw7WgZ1Dj7Pqfye%2BTUe6NR%2Bz6LOHefGh6jwUwLLCakHVfmyF2V3Neo5OEJVrSdfzFNOInbg1DdhhOJ8%2BesUdWdlwUztgxKrbkPqlhYaTyTZWULvEsYOROkBMoZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8188c29caeadbb41-FRA
alt-svc
h3=":443"; ma=86400
content-length
5070
Devices-audio-headset-icon.png
chatliv.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chatliv.com/img/Devices-audio-headset-icon.png
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:489f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d48ab111dc64ed74d565f0fb8c83fae300ea8dc01f5b1732b849ee2db2935f8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Jan 2018 16:41:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2872
etag
"5a4a64d3-f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y27Rsl9miXz%2FnqBUFExyOsVDmYrryydCffqCrPmJkH0WSQR6uLLU361hQ36Q6I9Tp%2FwY8XEaFRztvS0gScT7rh7mzK9USvG1SE08m1yAXQ37nQ8I4kVUxpNnTuSvLTCyGC41%2B0meva6zTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8188c29caeaebb41-FRA
alt-svc
h3=":443"; ma=86400
content-length
3978
300x250.gif
i0.wp.com/voo.chatliv.com/wp-content/uploads/2023/08/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/voo.chatliv.com/wp-content/uploads/2023/08/300x250.gif
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
651a16ad972fa523e68024dad0e54aeb66f56114c3c9ce4782f4816f184de7a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 19 Oct 2023 11:42:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 08:13:58 GMT
server
nginx
etag
"fe4efbfddd85fee5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://voo.chatliv.com/wp-content/uploads/2023/08/300x250.gif>; rel="canonical"
content-length
35936
expires
Wed, 27 Aug 2025 20:13:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88b46bf7392c829f7b71e693d5d13a572564c0195047de15b78543bf37f942e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51026
x-xss-protection
0
server
cafe
etag
10642991638087328670
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:53 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 09:19:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 09:19:28 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chatliv.com/
Origin
https://chatliv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1029
age
22476899
cdn-cachedat
01/02/2023 00:17:37
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
29875efe1373460edded5fdb3ed21459
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8188c29cb9bd3637-FRA
cdn-requestpullsuccess
True
addthis_widget.js
s7.addthis.com/js/300/ 		56 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.201.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-201-72.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 11:42:53 GMT
server
Oracle API Gateway
opc-request-id
/1DB7CB4EFC8F9EF176CFA0654D37758B/8BA53360706CBD8C82E678BE8DE05E15
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
enot.min.js
notix.io/ent/current/ 		145 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notix.io/ent/current/enot.min.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
87cf89783fc9dcfaa007676cfcf91d891d33848dbbbbb3d72cb9d8f5d164dc9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:46 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 11:33:36 GMT
server
nginx
etag
W/"652fc290-24328"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 09:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6790
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 19 Oct 2023 11:49:42 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin
https://chatliv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
age
55845
cdn-cachedat
08/03/2021 23:23:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18028
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
6f57313b8a622afd594f307c8adfb9e5
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8188c29cb9be3637-FRA
cdn-requestpullsuccess
True
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/973279083/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973279083/?random=1697715772932&cv=11&fst=1697715772932&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fchatliv.com%2F&hn=www.googleadservices.com&frm=0&tiba=Chatliv.com%20-%20Stranger%20Cam%20Meet&auid=1128421160.1697715773&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973279083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fe55c7512dafe45f5039562a6252cffb94d16d7d8d72c26b14514015dd601a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/973279083/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973279083/?random=1697715772959&cv=11&fst=1697715772959&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fchatliv.com%2F&hn=www.googleadservices.com&frm=0&tiba=Chatliv.com%20-%20Stranger%20Cam%20Meet&auid=1128421160.1697715773&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973279083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e13dbc79de5cd2c08c7aa75030a5da2d9c343c835d6f48b00f323c391ec0c09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2055503321&t=pageview&_s=1&dl=https%3A%2F%2Fchatliv.com%2F&ul=en-us&de=UTF-8&dt=Chatliv.com%20-%20Stranger%20Cam%20Meet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=220385773&gjid=880998022&cid=328686676.1697715773&tid=UA-47689947-1&_gid=99745921.1697715773&_r=1&_slc=1&z=799963028
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8a80173f1407ae7160a21cfb7778cba0de3c7b194a19c214333b0003e10f2db5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://chatliv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-47689947-1&cid=328686676.1697715773&jid=220385773&gjid=880998022&_gid=99745921.1697715773&_u=IEBAAAAAAAAAACAAI~&z=1572143559
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chatliv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 19 Oct 2023 11:42:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WQX66W2TWS&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84d369847b4e9a82fcd8605f67b5a36a5897d6999fc84febebcb44fafdcaf15a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83023
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 11:42:53 GMT
/
www.google.com/pagead/1p-user-list/973279083/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/973279083/?random=1697715772932&cv=11&fst=1697713200000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fchatliv.com%2F&frm=0&tiba=Chatliv.com%20-%20Stranger%20Cam%20Meet&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3272703273&rmt_tld=0&ipr=y
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/973279083/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/973279083/?random=1697715772932&cv=11&fst=1697713200000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fchatliv.com%2F&frm=0&tiba=Chatliv.com%20-%20Stranger%20Cam%20Meet&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3272703273&rmt_tld=1&ipr=y
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/973279083/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/973279083/?random=1697715772959&cv=11&fst=1697713200000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fchatliv.com%2F&frm=0&tiba=Chatliv.com%20-%20Stranger%20Cam%20Meet&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2976983141&rmt_tld=0&ipr=y
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/973279083/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/973279083/?random=1697715772959&cv=11&fst=1697713200000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fchatliv.com%2F&frm=0&tiba=Chatliv.com%20-%20Stranger%20Cam%20Meet&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2976983141&rmt_tld=1&ipr=y
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
notix.io/ 		118 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://notix.io/settings?appId=10043d7e161165e595d5af724daded4&ver=0.15.7
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
aa1951be15ee6946a7fcf0534027f8349796b93cf89c642f517a8bccf26c3259
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:46 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chatliv.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
118
event
notix.io/ 		15 B
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://chatliv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Oct 2023 11:42:46 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chatliv.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://chatliv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://chatliv.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 19 Oct 2023 11:42:44 GMT
server
nginx
event
notix.io/ 		15 B
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://chatliv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Oct 2023 11:42:46 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chatliv.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://chatliv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://chatliv.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 19 Oct 2023 11:42:44 GMT
server
nginx
event
notix.io/ 		15 B
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://chatliv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Oct 2023 11:42:46 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chatliv.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://chatliv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://chatliv.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 19 Oct 2023 11:42:44 GMT
server
nginx
collect
region1.analytics.google.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WQX66W2TWS&_ono=1&gtm=45je3ai0&_p=2055503321&_gaz=1&ul=en-us&sr=1600x1200&cid=328686676.1697715773&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fchatliv.com%2F&dt=Chatliv.com%20-%20Stranger%20Cam%20Meet&sid=1697715773&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQX66W2TWS&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-WQX66W2TWS&cid=328686676.1697715773&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WQX66W2TWS&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-WQX66W2TWS&cid=328686676.1697715773&gtm=45je3ai0&aip=1&z=1441913427
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-47689947-1&cid=328686676.1697715773&jid=220385773&_u=IEBAAAAAAAAAACAAI~&z=1198229596
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-47689947-1&cid=328686676.1697715773&jid=220385773&_u=IEBAAAAAAAAAACAAI~&z=1198229596
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0352306366460691&plah=chatliv.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1cd63b3eed5a2c158329e8bce4c2c94d7605bd64db801f7af5e6bd0e593bd5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137111
x-xss-protection
0
server
cafe
etag
18353092903203220672
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 76F2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63577
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 18:03:16 GMT
etag
2603938475786422795
expires
Wed, 01 Nov 2023 18:03:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impl.v17.15.0.js
live.demand.supply/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v17.15.0.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HAANKZ94E4GT7BEZGRJJD566
date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
cf-cache-status
HIT
age
400953
cf-polished
origSize=84620
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"c4c243e9ca1d0f0ac14511caf420b080-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
8188c29e7c319950-FRA
Y2hhdGxpdi5jb20v
live.demand.supply/p4/v17-10-0/ 		970 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v17-10-0/Y2hhdGxpdi5jb20v
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b837bb1579ae3c129a988062fe1c3550441f778e632a3b43f1cc13196d0b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
8188c29e9c4b9950-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=351&cs=c&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:53 GMT
cf-cache-status
HIT
age
931535
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c29e9c70914d-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52702f23e17bb54bef6f342e066ed111297bc78491849a584794afa796510c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29674
x-xss-protection
0
server
cafe
etag
914 / 19649 / m202310160101 / config-hash: 12430834030162720919
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:53 GMT
ds.2.html
live.demand.supply/ 		413 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HASRKEMDKV1FW27VV0A4DCV8
date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2076969
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
8188c29eac71914d-FRA
alt-svc
h3=":443"; ma=86400
chatliv.com_fluid_sq_chatliv
live.demand.supply/cp/ 		21 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/chatliv.com_fluid_sq_chatliv?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8188c29ebc86914d-FRA
alt-svc
h3=":443"; ma=86400
content-length
21
chatliv.com_fluid_sq_chatliv
live.demand.supply/cp/ 		21 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/chatliv.com_fluid_sq_chatliv?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8188c29ebc88914d-FRA
alt-svc
h3=":443"; ma=86400
content-length
21
chatliv.com_fluid_sq_chatliv
live.demand.supply/cp/ 		21 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/chatliv.com_fluid_sq_chatliv?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8188c29ebc8b914d-FRA
alt-svc
h3=":443"; ma=86400
content-length
21
e.js
live.demand.supply/x/ 		0
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HCDR5EMPB5QVDVTB89WXDW2T
date
Thu, 19 Oct 2023 11:42:53 GMT
cf-cache-status
HIT
age
240598
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c29ebc8c914d-FRA
cookie.js
partner.googleadservices.com/gampad/ 		389 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=chatliv.com&callback=_gfp_s_&client=ca-pub-0352306366460691
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0352306366460691&plah=chatliv.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13fa3bb67a02d7e2da3d3c16a6c3296f7eb03ad98656edf5987e7b99e8430990
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FCE2 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0352306366460691&plah=chatliv.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
857d7ceade9f055be3aca7618ef2339d046a61cacd6de85c5ddd02e1d907e3c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17068
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:53 GMT
expires
Thu, 19 Oct 2023 11:42:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AD79 		13 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&adk=1812271804&adf=3025194257&lmt=1697708573&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fchatliv.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773145&bpp=2&bdt=307&idt=182&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=360x280&nras=1&correlator=3230657768437&frm=20&pv=1&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=195
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0352306366460691&plah=chatliv.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce7dd0fda93cf1b2f650998c54fb481ec7d7a9904c59a00db31682a867778cbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
1197
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:53 GMT
expires
Thu, 19 Oct 2023 11:42:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e2f8c21cbfea3e52e2b6b9f3783656232fb21e92f5c665e882887f0b547639c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
4432
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135102
x-xss-protection
0
server
cafe
etag
524636607866283267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 18 Oct 2024 10:29:01 GMT
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=chatliv.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:53 GMT
cf-cache-status
HIT
age
931535
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c29fede7914d-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
x-amz-request-id
HK7DPPCWF1J3N8Z2
age
960
etag
W/"e5bbc80dac7ff8597f5b639831f48d87"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8188c2a03ec6361b-FRA
x-amz-id-2
yrrTkxQMXzsEFzMckzyLSk33EYw8WIuCHuRSW+fEtI0r8GWPCDLOS+HWkfgg61BAniNdruL5L3Q=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27410
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9wGxwOU2%2Bg6S1G%2BtU0Rpr8BFQGeh3pInApjQqwpB8XjgQbip1PQZtWIlxuQq5ZoD8Yt4B%2Fnwr8fe%2BBTgaer%2BQPWTHQy0RJxg8VW9ZSF6nrKP44W3SqUYWhxCUlLzDB85S5epr9sUV8k1VT1B5s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8188c2a02f5591d8-FRA
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ee00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:17:48 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
1506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
sP3OsQbxV07WV8POy-tLOP7dDf_AfnkJxbPnceg7cL6JDkp1Tz6krw==
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 11:42:53 GMT
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
236893
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8188c2a05b3ebb80-FRA
expires
Sun, 22 Oct 2023 11:42:53 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 19:33:05 GMT
content-encoding
gzip
age
2131788
x-guploader-uploadid
ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 23 Sep 2024 19:33:05 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
d89f4f041e78c0e097ea2a2336509d87
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a800:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 06:40:14 GMT
x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
18160
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
ALAQP6A5bULH21b7oxtxeRxvs6_R93HpxkR22xziZ-R3MVMKSu3Uig==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 02:45:52 GMT
content-encoding
gzip
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
32222
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Dt5J8IcfcFamM60bkuLpBQCjblnMgYA-M-lDZBrCVCbD0evLiU66cA==
ads
securepubads.g.doubleclick.net/gampad/ 		978 B
513 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2038057386901026&correlator=1447724185353987&eid=31078932&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fif&iu_parts=44890869%3A22585803458%2Cca-pub-3831894559014614-tag%2C8f6b4cc9-51a8-4404-b309-bf78c9e9065e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D53d38130e2aaa748-2292e59defe2004e%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MbY99vxNMVdjzXtLab9t9zuiiiXTA&gpic=UID%3D00000c9c861c7fcd%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MZFdZEQIh2g5XnTMum9QeY8lVBQhQ&abxe=1&dt=1697715773434&lmt=1697708573&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fchatliv.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj3v_u9tDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBj3v_u9tDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGPe_-720MUgAUgIIZBIZCgpwdWJjaWQub3JnGPe_-720MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRj3v_u9tDFIAFICCGQSFwoIcnRiaG91c2UY97_7vbQxSABSAghkEhQKBW9wZW54GPe_-720MUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_-720MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9r_7vbQxSABSAghk&dlt=1697715772838&idt=564&prev_scp=ti%3De231d3bc-a4ea-4cbb-bd3d-587996d61bbd%26interstitials-bid%3D3%26bid-p%3Dgoogle%26bsc%3D72&adks=1842446683&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0e1c23f04fec288a932e9bf8833e4335c7affd4847be668cae72608fad582bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
481
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC47 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:53 GMT
expires
Fri, 18 Oct 2024 11:42:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f579057deb3bdb5df36bada2d710f1c119890f190c48cf517cb3edb9a2ef1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
2332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13698
x-xss-protection
0
server
cafe
etag
7071400071377768411
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 18 Oct 2024 11:04:01 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fchatliv.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fchatliv.com%2F&rid=esp&cc=1
85 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fchatliv.com%2F&rid=esp&cc=1
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
18841f639f82eaa604252597b8934e7c19e16833117d997d660ffb9d818fac4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-y/h+7cp+crMLy6gZU1rMAZzfbJI"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chatliv.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 19 Oct 2023 11:42:53 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://chatliv.com
location
/esp?url=https%3A%2F%2Fchatliv.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ec02e2ad1adcee199c99140d30ceac1ee6e3bffabb419754b5b31ac918dcc954

Request headers

Referer
https://chatliv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://chatliv.com
cache-control
no-cache
x-server
10.45.14.230
access-control-allow-credentials
true
content-length
60
expires
0
da.2.css
live.demand.supply/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/da.2.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d698efa119f85b20fe4d9a694894014e3197b8e4de7e61d18d27c60eecd9b81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HBKQWJ43HB1WA2G5VDYWQ7DB
date
Thu, 19 Oct 2023 11:42:53 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
178813
etag
W/"1d36a9efe12bdd1501a786209394a80f-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
8188c2a05d51bb62-FRA
alt-svc
h3=":443"; ma=86400
chatliv.com_fluid_sq_chatliv
live.demand.supply/cp/ 		21 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/chatliv.com_fluid_sq_chatliv?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8188c2a06e81914d-FRA
alt-svc
h3=":443"; ma=86400
content-length
21
increment
id5-sync.com/api/esp/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://chatliv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://chatliv.com
date
Thu, 19 Oct 2023 11:42:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
chatliv.com_fluid_sq_chatliv
live.demand.supply/cp/ 		21 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/chatliv.com_fluid_sq_chatliv?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8188c2a0df38914d-FRA
alt-svc
h3=":443"; ma=86400
content-length
21
fed
ups.analytics.yahoo.com/ups/58813/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fchatliv.com%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://chatliv.com
content-type
application/json
access-control-allow-credentials
true
syncframe
gum.criteo.com/ Frame 9571 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=chatliv.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:52 GMT
server
Kestrel
server-processing-duration-in-ticks
283531
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
chatliv.com_fluid_sq_chatliv
live.demand.supply/cp/ 		21 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/chatliv.com_fluid_sq_chatliv?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
8188c2a10f64914d-FRA
alt-svc
h3=":443"; ma=86400
content-length
21
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=chatliv.com_auto_interstitial_desktop&e=nai&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:53 GMT
cf-cache-status
HIT
age
931535
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a208b1914d-FRA
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=chatliv.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:53 GMT
cf-cache-status
HIT
age
931535
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a208b6914d-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		978 B
514 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2038057386901026&correlator=2461955978329335&eid=31078932&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fif&iu_parts=44890869%3A22585803458%2Cca-pub-3831894559014614-tag%2C2ee7d7c8-68e4-4955-a9e7-c0d2c47a8015&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D53d38130e2aaa748-2292e59defe2004e%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MbY99vxNMVdjzXtLab9t9zuiiiXTA&gpic=UID%3D00000c9c861c7fcd%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MZFdZEQIh2g5XnTMum9QeY8lVBQhQ&abxe=1&dt=1697715773765&lmt=1697708573&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fchatliv.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97_7vbQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v_u9tDFIAFICCGQSGQoKcHViY2lkLm9yZxirwPu9tDFIAFICCGoSGAoJeWFob28uY29tGJTB-720MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRj3v_u9tDFIAFICCGQSFwoIcnRiaG91c2UYz8D7vbQxSABSAghqEhQKBW9wZW54GPe_-720MUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_-720MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhcH7vbQxSABSAghq&dlt=1697715772838&idt=564&prev_scp=ti%3De231d3bc-a4ea-4cbb-bd3d-587996d61bbd%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D72&adks=1019053345&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
576a70b782ebf6e1ea1eeafdf83769ab584a6b29aaf4716a23eb0f9f9086bfa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
484
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 188D 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 19 Oct 2023 11:42:54 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
e.js
live.demand.supply/x/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=chatliv.com_fluid_sq_chatliv&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HCDR5EMPB5QVDVTB89WXDW2T
date
Thu, 19 Oct 2023 11:42:53 GMT
cf-cache-status
HIT
age
240598
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a26917914d-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2038057386901026&correlator=1803809541225057&eid=31078932&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fif&iu_parts=44890869%3A22585803458%2Cca-pub-3831894559014614-tag%2C88eba804-1ee9-4726-b669-cab483f22996&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D53d38130e2aaa748-2292e59defe2004e%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MbY99vxNMVdjzXtLab9t9zuiiiXTA&gpic=UID%3D00000c9c861c7fcd%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MZFdZEQIh2g5XnTMum9QeY8lVBQhQ&abxe=1&dt=1697715773833&lmt=1697708573&adxs=415&adys=2648&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fchatliv.com%2F&vis=1&psz=770x0&msz=770x0&fws=0&ohw=0&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97_7vbQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v_u9tDFIAFICCGQSGQoKcHViY2lkLm9yZxirwPu9tDFIAFICCGoSGAoJeWFob28uY29tGJTB-720MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRj3v_u9tDFIAFICCGQSFwoIcnRiaG91c2UYz8D7vbQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaU0xaHBObWxFY1c5UlJTdFlOa1pUY1VScU16RlhRVDA5SW4wPRjtwvu9tDFIABIZCgp1aWRhcGkuY29tGPe_-720MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhcH7vbQxSABSAghq&dlt=1697715772838&idt=564&prev_scp=ti%3De231d3bc-a4ea-4cbb-bd3d-587996d61bbd%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D72&adks=1994914156&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4c02a8ab340265dd18ecec5096265e2f9891f3a1d86d045f73f177fccec440b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12178
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/x/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=chatliv.com_fluid_sq_chatliv&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HCDR5EMPB5QVDVTB89WXDW2T
date
Thu, 19 Oct 2023 11:42:53 GMT
cf-cache-status
HIT
age
240598
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a2893b914d-FRA
e.js
live.demand.supply/x/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=chatliv.com_fluid_sq_chatliv&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HCDR5EMPB5QVDVTB89WXDW2T
date
Thu, 19 Oct 2023 11:42:53 GMT
cf-cache-status
HIT
age
240598
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a2894d914d-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2038057386901026&correlator=2002969579144710&eid=31078932&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fif&iu_parts=44890869%3A22585803458%2Cca-pub-3831894559014614-tag%2C88eba804-1ee9-4726-b669-cab483f22996&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=880x280%7C750x300%7C750x200&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D53d38130e2aaa748-2292e59defe2004e%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MbY99vxNMVdjzXtLab9t9zuiiiXTA&gpic=UID%3D00000c9c861c7fcd%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MZFdZEQIh2g5XnTMum9QeY8lVBQhQ&abxe=1&dt=1697715773852&lmt=1697708573&adxs=162&adys=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fchatliv.com%2F&vis=1&psz=884x296&msz=884x296&fws=0&ohw=0&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97_7vbQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v_u9tDFIAFICCGQSGQoKcHViY2lkLm9yZxirwPu9tDFIAFICCGoSGAoJeWFob28uY29tGJTB-720MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRj3v_u9tDFIAFICCGQSFwoIcnRiaG91c2UYz8D7vbQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaU0xaHBObWxFY1c5UlJTdFlOa1pUY1VScU16RlhRVDA5SW4wPRjtwvu9tDFIABIZCgp1aWRhcGkuY29tGPe_-720MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhcH7vbQxSABSAghq&dlt=1697715772838&idt=564&prev_scp=ti%3De231d3bc-a4ea-4cbb-bd3d-587996d61bbd%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D72&adks=2532165257&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94fdf1a80748f8309f967672648d551da22718c6309155987c06f661d504301a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12364
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2038057386901026&correlator=415961470939385&eid=31078932&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fif&iu_parts=44890869%3A22585803458%2Cca-pub-3831894559014614-tag%2C88eba804-1ee9-4726-b669-cab483f22996&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=620x280%7C480x320&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D53d38130e2aaa748-2292e59defe2004e%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MbY99vxNMVdjzXtLab9t9zuiiiXTA&gpic=UID%3D00000c9c861c7fcd%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MZFdZEQIh2g5XnTMum9QeY8lVBQhQ&abxe=1&dt=1697715773859&lmt=1697708573&adxs=946&adys=153&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fchatliv.com%2F&vis=1&psz=623x0&msz=623x0&fws=0&ohw=0&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97_7vbQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v_u9tDFIAFICCGQSGQoKcHViY2lkLm9yZxirwPu9tDFIAFICCGoSGAoJeWFob28uY29tGJTB-720MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRj3v_u9tDFIAFICCGQSFwoIcnRiaG91c2UYz8D7vbQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaU0xaHBObWxFY1c5UlJTdFlOa1pUY1VScU16RlhRVDA5SW4wPRjtwvu9tDFIABIZCgp1aWRhcGkuY29tGPe_-720MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhcH7vbQxSABSAghq&dlt=1697715772838&idt=564&prev_scp=ti%3De231d3bc-a4ea-4cbb-bd3d-587996d61bbd%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D72&adks=725991170&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86f9212e7ad9b3a99f333bf01b175a28c06e672256a33bcda8ed043ee5293f9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15959
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 9571
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=chatliv.com&sn=ChromeSyncframe&so=0&topUrl=chatliv.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=6QH8SHxIUFVrMHFaRmw2U2s0anhodHJyeWpHZVNQdkJHdU9MU044aElxOTFwekUvcnpjeURtaFMvVnh2ZXVPZFRhRjRzaHhBbUo0aVZQdUdlellHeTlQTVBCUnJiemJ3dWVTaERlN3dQdzlna0xnM21vTmVNZS8wY0hVRk...
428 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6QH8SHxIUFVrMHFaRmw2U2s0anhodHJyeWpHZVNQdkJHdU9MU044aElxOTFwekUvcnpjeURtaFMvVnh2ZXVPZFRhRjRzaHhBbUo0aVZQdUdlellHeTlQTVBCUnJiemJ3dWVTaERlN3dQdzlna0xnM21vTmVNZS8wY0hVRkgrandyL20rRURGU2VsRlh0NDhpcmZESG1ML1JLSVR6VHMveElKdTNrb0hvYVRycm5MNXdvekl6Z1c4K2JmZ29peTZ0U3Z4Nkd2b3NJcWtGUW1GNjZNYW9YOWYzckZmWm9XblhMNFIyK1drNmV6N29WVlg1T2N4T00xZWJVOC9PYzJvOUFEam5GMllLRi83YTU2VlJLWlFxdldKeVBXUT09fA&cppv=2
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0fbadc9d5cacf919c695e966d9d47f6fd9040a49cc74c1c9ad961e185eca8a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1366089
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=6QH8SHxIUFVrMHFaRmw2U2s0anhodHJyeWpHZVNQdkJHdU9MU044aElxOTFwekUvcnpjeURtaFMvVnh2ZXVPZFRhRjRzaHhBbUo0aVZQdUdlellHeTlQTVBCUnJiemJ3dWVTaERlN3dQdzlna0xnM21vTmVNZS8wY0hVRkgrandyL20rRURGU2VsRlh0NDhpcmZESG1ML1JLSVR6VHMveElKdTNrb0hvYVRycm5MNXdvekl6Z1c4K2JmZ29peTZ0U3Z4Nkd2b3NJcWtGUW1GNjZNYW9YOWYzckZmWm9XblhMNFIyK1drNmV6N29WVlg1T2N4T00xZWJVOC9PYzJvOUFEam5GMllLRi83YTU2VlJLWlFxdldKeVBXUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
283501
content-length
0
expires
0
dr
as.ad4m.at/ad/ Frame 8964 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kswj7s7m0r9a2d4hft593egnpay4wpvv19we8y94ek7h1cv1d6mbjd85bvwzn59s8cergcar2dt23xfprbbbywq8j8fwh7sb6r3j9nne520hjwwbyphk5c4way7epyqzyh31cpygs6tewmxt11g0regaf7ezhz9hkte8fdk3a9tt8vbhhj8vc6m7n1mjtwnww87qrm9605tzqrcn7bsegs5ered7ap8d9vfssjhj5nd8mr1yrah9zr7kn0qg1z2v87zfqctnkzdyr9ax2ca8zeqyn5xqq3cawxmrmtnvkskt9wnxt1cjxpn8n7xazpcjsb82n93h11t7w7fgas56maq5h347d43wj5gjvh9wv50vzrpphvjz11mce3zyk76bnfnaqcb7f9fqnwbv3xv92msyjm4ynvesca67vv5eqy3y39jxejva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%26client%3Dca-pub-0352306366460691%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bae2bd0224daa9bd1383c4ea423cbc0c98c5f358efa945ca0aa35aa6a7cceb9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8188c2a3ca1790d7-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:54 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 355B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:02:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
6018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:02:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BD63 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 355B 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
47257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:35:17 GMT
l
www.google.com/ads/measurement/ Frame 355B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnVyKRabI6zn8rGvOtWbvESibNmTjnlMIehNqkdhGI3HvZdlJUx9Dc7keWRrX0A6FsFYmVGurHm3VJ1lPXmLPzY9549A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 355B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:54 GMT
dpixel
cms.quantserve.com/ Frame BD63 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJy8XHJOb9HHZcaBt7aWZKs&google_cver=1&google_push=AXcoOmSYcO49IOQ72r9b_4PgAJ6g9ZELqL9sAy1b2jW_T_C6lAVTl5YZnqMPQdHNpLwJOVoQilP-7YJ0b73_Eeg3OM_nIitP2o2xVkU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame BD63 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDk3xJisEqUTNZdo2JfApQE&google_cver=1&google_push=AXcoOmQWs5rCq82Wps45WCbDqVm9O2om4faAwXylK9LmLt4qg6L5pT1zhbtp_RLF8wDIFLr-RAt5hujiqNERkw0bI9CynrePdYX9uZs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame BD63
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKVOf8V2oxFejW_aWzgzQH8&google_push=AXcoOmT8v9qS0ASalL21BabnuQfYqH5DXDWvPrLWps9U6Y-iWdWDenSpjk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKVOf8V2oxFejW_aWzgzQH8&google_push=AXcoOmT8v9qS0ASalL21BabnuQfYqH5DXDWvPrLWps9U6Y-iWdWDenSpjkUjj1RCZhTJ305L3pgWEpEOQ3Rru3LUypX6J6C17FR9p3A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230063-FRA
pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1697715774.081236,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKVOf8V2oxFejW_aWzgzQH8&google_push=AXcoOmT8v9qS0ASalL21BabnuQfYqH5DXDWvPrLWps9U6Y-iWdWDenSpjkUjj1RCZhTJ305L3pgWEpEOQ3Rru3LUypX6J6C17FR9p3A
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame BD63 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHtLCMMpGcQJzNTeXk-Q_IE&google_cver=1&google_push=AXcoOmSSzGlQbALuyUzqzVBHsm0UztyVro7cgU106qy29oBApuMwCoLfa6PWBeP7VEzrtJs-bXdt4-Z0xSAAMNoPgN4oIW1lgiTLgJw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
dot.gif
s0.2mdn.net/ Frame BD63
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKn0j1HUi0NIPANvqlcbw_g&google_cver=1&google_push=AXcoOmSxFzAxEARDe-lXl5zih0lWaJMJaXt1MKu1Gvvk3tN3qj_8V4BQVaW0NHP3GIxH3PXaYj7VGkNY0VoLrY1GthinmMEmt_Xa4A
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSxFzAxEARDe-lXl5zih0lWaJMJaXt1MKu1Gvvk3tN3qj_8V4BQVaW0NHP3GIxH3PXaYj7VGkNY0VoLrY1GthinmMEmt_Xa4A&google_hm=Q0FFU0VLbjBqMUhVaTB...
  • https://s0.2mdn.net/dot.gif?google_error=5
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:33:39 GMT
x-content-type-options
nosniff
age
50955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 21:33:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BD63
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECCKOJNQ46x4HRdlAso0O24&google_cver=1&google_push=AXcoOmSSG2jURNpuOpuRQWdlT1FQKVPRmjMAjHZbpCDQJpLi4og83CADYAQZsIx1OhzOEvqOzyautqKp...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECCKOJNQ46x4HRdlAso0O24&google_cver=1&google_push=AXcoOmSSG2jURNpuOpuRQWdlT1FQKVPRmjMAjHZbpCDQJpLi4og83CADYAQZsIx1OhzOEvqOzya...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg4NjMwODk5MTc0MjczNjQzMQ&google_push=AXcoOmSSG2jURNpuOpuRQWdlT1FQKVPRmjMAjHZbpCDQJpLi4og83CADYAQZsIx1OhzOEvqOzyautq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg4NjMwODk5MTc0MjczNjQzMQ&google_push=AXcoOmSSG2jURNpuOpuRQWdlT1FQKVPRmjMAjHZbpCDQJpLi4og83CADYAQZsIx1OhzOEvqOzyautqKp7fuolUTbyC412oLFzULHAfI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg4NjMwODk5MTc0MjczNjQzMQ&google_push=AXcoOmSSG2jURNpuOpuRQWdlT1FQKVPRmjMAjHZbpCDQJpLi4og83CADYAQZsIx1OhzOEvqOzyautqKp7fuolUTbyC412oLFzULHAfI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
trk
ag.innovid.com/ Frame BD63 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEC2YiPrD6Gk5wKtk37U6Kus&google_cver=1&google_push=AXcoOmR1-00U_3Hy410czezsHAIf6TIAKvibxjIM191d4mYRZ9m4WncThHxtwAj_3huJ-9MszUxHG42mCH3cxPbqOcfQQWIlZqqZe9Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:75d:875c:7927:eb04 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
cache-control
no-cache
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame BD63 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgX5ecemePrnuApDziRhct6MqcUok3cbEB3L4oxIXCUlyaxBexlvOk45rIeRYfFgbDB0Uj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=chatliv.com_auto_interstitial_desktop&e=nai&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
age
931536
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a3db15914d-FRA
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=chatliv.com_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
age
931536
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a3db19914d-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2038057386901026&correlator=3233897724167060&eid=31078932&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fif&iu_parts=44890869%3A22585803458%2Cca-pub-3831894559014614-tag%2Ced8d416c-c0a1-45be-a487-cf5b227e4385&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dc928220b04d1bbc9%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_MZG4y9O4ap-e5neHoDZB902p7LSiQ&gpic=UID%3D00000c9c850d4105%3AT%3D1697715773%3ART%3D1697715773%3AS%3DALNI_Mbt6PMf4GBpEwOcwTRuu__X-Yy-fw&abxe=1&dt=1697715774056&lmt=1697708574&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fchatliv.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97_7vbQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v_u9tDFIAFICCGQSGQoKcHViY2lkLm9yZxirwPu9tDFIAFICCGoSGAoJeWFob28uY29tGJTB-720MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRj3v_u9tDFIAFICCGQSFwoIcnRiaG91c2UYz8D7vbQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaU0xaHBObWxFY1c5UlJTdFlOa1pUY1VScU16RlhRVDA5SW4wPRjtwvu9tDFIABIZCgp1aWRhcGkuY29tGPe_-720MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhcH7vbQxSABSAghq&dlt=1697715772838&idt=564&prev_scp=ti%3De231d3bc-a4ea-4cbb-bd3d-587996d61bbd%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D72&adks=3778207632&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12d34c45f3a74b3ea714f41d3bca2c8617db45e1e9db1e854fd176ffc5bfe69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17491
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chatliv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 355B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c9a3433b43f286d98060255b101bd4ccbe4dd7931762d36e2d48575dfe119f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 355B 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgKGJPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE4wFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkTfgQ5ftIjcRIAX43szimdNJzvt6amYOsfg55xIBhYI0HHli2qNKoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTAzNTIzMDYzNjY0NjA2OTEYAA&sigh=cwgSNZoZbQY&uach_m=[UACH]&cid=CAQSPADICaaNxpoLoBHBC8z-WDjgXhW7ggAtgAIpOqZ-HfZXzkySwBO-IWFrLSiwWfW_LnQQu9NftfpOcXDexxgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 355B 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h5am7gxdm8073279x2ya6svr6w9pypk5b2b326jd40xj8qbwvzjsyt2t8snhfepd2bxxedppvdaepg6xtwgh3vfnh3are022n2zem6j5tzr2tzs0a2fvz6e84hbdb9j26cch8n5zh3ktdp8q47amfbyp236rwayn5gchrppxh2ke71vbs37125pn68k1x52t42fp0weaps17brc626mn6v12m9fn16z4qq15s39tb3d5kqzfd0q4n52k43gebg4mkss60f6ywdj712mvfvzdbb1eshpzkbqvq6qv3dg4qe7zd8m6rxqem4wh56h8eyt38y8a7cs0qwax6z0wx6jhhttdxevw8ptjce8kedacbgkhd5qg7tamhs2a71rvyymmdj4gyqgkw&b=ZTEWPQAGULQEf4vuAARF_sa_fqBjjlAubv696w&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0352306366460691&output=html&h=280&slotname=5220620570&adk=2853024514&adf=4267428528&pi=t.ma~as.5220620570&w=360&fwrn=4&fwrnh=100&lmt=1697708573&rafmt=1&format=360x280&url=https%3A%2F%2Fchatliv.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697715773125&bpp=4&bdt=287&idt=184&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=3230657768437&frm=20&pv=2&ga_vid=328686676.1697715773&ga_sid=1697715773&ga_hid=2055503321&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44805113%2C44805533%2C44805681%2C31078297&oid=2&pvsid=2038057386901026&tmod=1400327972&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=vtApHJ8YkP&p=https%3A//chatliv.com&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 11:42:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 8964 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kswj7s7m0r9a2d4hft593egnpay4wpvv19we8y94ek7h1cv1d6mbjd85bvwzn59s8cergcar2dt23xfprbbbywq8j8fwh7sb6r3j9nne520hjwwbyphk5c4way7epyqzyh31cpygs6tewmxt11g0regaf7ezhz9hkte8fdk3a9tt8vbhhj8vc6m7n1mjtwnww87qrm9605tzqrcn7bsegs5ered7ap8d9vfssjhj5nd8mr1yrah9zr7kn0qg1z2v87zfqctnkzdyr9ax2ca8zeqyn5xqq3cawxmrmtnvkskt9wnxt1cjxpn8n7xazpcjsb82n93h11t7w7fgas56maq5h347d43wj5gjvh9wv50vzrpphvjz11mce3zyk76bnfnaqcb7f9fqnwbv3xv92msyjm4ynvesca67vv5eqy3y39jxejva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%26client%3Dca-pub-0352306366460691%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kswj7s7m0r9a2d4hft593egnpay4wpvv19we8y94ek7h1cv1d6mbjd85bvwzn59s8cergcar2dt23xfprbbbywq8j8fwh7sb6r3j9nne520hjwwbyphk5c4way7epyqzyh31cpygs6tewmxt11g0regaf7ezhz9hkte8fdk3a9tt8vbhhj8vc6m7n1mjtwnww87qrm9605tzqrcn7bsegs5ered7ap8d9vfssjhj5nd8mr1yrah9zr7kn0qg1z2v87zfqctnkzdyr9ax2ca8zeqyn5xqq3cawxmrmtnvkskt9wnxt1cjxpn8n7xazpcjsb82n93h11t7w7fgas56maq5h347d43wj5gjvh9wv50vzrpphvjz11mce3zyk76bnfnaqcb7f9fqnwbv3xv92msyjm4ynvesca67vv5eqy3y39jxejva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%26client%3Dca-pub-0352306366460691%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537336
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpEWzc4s%2FbYQ18bF44xFPCrojiaVBfOiWdfp0VBOrwzn4LkB3o6SXRzoN2hgsEggZdo%2F9hnjt9QsLmuX5H4%2F5VpM2c2PNZzdO%2Fc8V2cNoNBlfHDoO9vQ4v2bpi6Dfy4ajbBeY9v2N28%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=3600
cf-ray
8188c2a45a8490d7-FRA
expires
Thu, 19 Oct 2023 12:42:54 GMT
r62eglto.js
ad4m.at/ Frame 8964 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kswj7s7m0r9a2d4hft593egnpay4wpvv19we8y94ek7h1cv1d6mbjd85bvwzn59s8cergcar2dt23xfprbbbywq8j8fwh7sb6r3j9nne520hjwwbyphk5c4way7epyqzyh31cpygs6tewmxt11g0regaf7ezhz9hkte8fdk3a9tt8vbhhj8vc6m7n1mjtwnww87qrm9605tzqrcn7bsegs5ered7ap8d9vfssjhj5nd8mr1yrah9zr7kn0qg1z2v87zfqctnkzdyr9ax2ca8zeqyn5xqq3cawxmrmtnvkskt9wnxt1cjxpn8n7xazpcjsb82n93h11t7w7fgas56maq5h347d43wj5gjvh9wv50vzrpphvjz11mce3zyk76bnfnaqcb7f9fqnwbv3xv92msyjm4ynvesca67vv5eqy3y39jxejva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%26client%3Dca-pub-0352306366460691%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
537336
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZbIH%2FJtZHljsdGBFZkSSs9TumvK9CkKnbzy12rHE%2BjHrObtp2sZ%2FxDTtIPGzKM3RThUlmBAiuB9k63QUz7vaahuci2gal3Ryrx%2B9mpnTEkryZaZds1i0ldVmzVe0bqjPHTcFWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8188c2a46a9a90d7-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 10 Oct 2023 16:30:25 GMT
container.html
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B40C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:53 GMT
expires
Fri, 18 Oct 2024 11:42:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=chatliv.com_fluid_sq_chatliv&sy=24408cc0-e875-415a-b642-32dce43d9e8d&ts=72&cd=2&pud=351&pus=c&pue=647&pid=21&pis=c&pie=669&ppd=195&pps=a&ppe=843&pcl=379&ttc=1031&tti=1613&ttif=0&lca=843&lcak=ppe&lct=843&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=chatliv.com&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=e231d3bc-a4ea-4cbb-bd3d-587996d61bbd&e=lm&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
age
931536
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a48c2a914d-FRA
container.html
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74D1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:53 GMT
expires
Fri, 18 Oct 2024 11:42:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d1b2086f7aebdbc2ad2f8ef8027fedab2d762bd4884de4fc494ac369f43cd20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=chatliv.com_fluid_sq_chatliv&sy=24408cc0-e875-415a-b642-32dce43d9e8d&ts=72&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=chatliv.com&mlre=undefined&mlin=0&mlsi=620x280&mlbw=4g&mlcs=NaN&mltp=e231d3bc-a4ea-4cbb-bd3d-587996d61bbd&e=lm&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
age
931536
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a49c47914d-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5387 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVjLRGwR9dsvAtkPo61g5MXj-WpnuX64l0J7_gX3slg2qdIf-019C_XY-D_NQlZAM_hy6D2Z79XDQwEnttHsh6U8V6zEjtHDHbQeL3pfui8bJFHYm5_LwyjcFVDLPQJ9tlMJL2nPCLGedv3a_qXRKHpJmvONNlkilVPSkIYtvZ7QabKdlYA08mxSwQ1DH2QJrOlE7BNDzrKVc9WuMRmdl5n_9Dirg
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B40C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B40C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dm7xYQ6Yfl5IXRHx9sfnvNtSHgdNCBL2hI9am5YMi_Mp0cNCMQqwce-4rHK8JvC5MmQT1OlH_2OOyNm532_olFlmCWwVcqldorv0h62JinTgll2tw
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B40C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4477964504335244596&x=1&ct=77
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B40C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:02:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
6018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:02:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B40C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
47257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:35:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B40C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:54 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 45AD 		152 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2a8da12261023116512a6e17a604cf92ec0a9208d7f5e449f4d5939c0da03a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=RuvXT74Adt7fC6NOZyQHZPZeJYKTC4zqhuN_yD4voMH2SOTnXHFzz7vcC4tjI8RPHE1Jo26B-BYPhwwKa2UVeO6O4drYD-te8WV1LyitF7lGhpHbH-X7rTtQ7tWzwY0WTkN2F0bKXK5BbdkS19LgZFnSKiSWkx1Fb21YAGYfxZCw0M20edLYz_qRvmWeGzBj_Rbmu1iJ1iOVWc3gK5tDwFkak4HPQaO3WQmk1lt6QY7J6I9g02DSls13tcRztccF1wVcGA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
49995853
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 74D1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:02:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
6018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:02:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6166 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 74D1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
47257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:35:17 GMT
l
www.google.com/ads/measurement/ Frame 74D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzNcxYXV5A7YCkDnlStT80lPFAPTudLwhEk61pZ7IcWqMtYURnBzywY6Leac-hpBl0dyTh6HvtNlUZIMpf8GIOZBhJsQ
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 74D1 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
536925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 12 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74D1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:54 GMT
container.html
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 543A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:53 GMT
expires
Fri, 18 Oct 2024 11:42:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=chatliv.com_fluid_sq_chatliv&sy=24408cc0-e875-415a-b642-32dce43d9e8d&ts=72&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=chatliv.com&mlre=undefined&mlin=0&mlsi=880x280&mlbw=4g&mlcs=NaN&mltp=e231d3bc-a4ea-4cbb-bd3d-587996d61bbd&e=lm&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
age
931536
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a4ecb2914d-FRA
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8964 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
821
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr2SGQpeCrRPOYA0aZP9xHPR7TwoaBmZpZBIr0RlFWE2ssur5ExvtFEEsCfAPeP5AGV%2BUsPNrM%2Bzl6EloZQycCniMX11w0YaeFI103aAJDzzQbwNvPHKXutkq6qJaVr%2F0dmf%2BoHPc5USwMeCqiAn%2FgiW"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
8188c2a55ffe904f-FRA
expires
Thu, 19 Oct 2023 11:41:00 GMT
frame.html
ad4m.at/ Frame F834 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
167945
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
8188c2a50a6739e5-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 11:42:54 GMT
expires
Tue, 17 Oct 2023 13:36:06 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nu5zRiyemP3Lzu7pmql8K3U%2FpSH5CIf4LRJaEs32Tb93kcxECjPnrCmsdxvJpcyivAZsMBNdSMdNMGC%2BPQUPs0zlooKqtcQpXwaKu%2BTuV6PYa0inEnAVDIWvbSooyPiMJ1nqD5s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 6166
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAJsiWiM-HVWJ8oyUInJFIE&google_cver=1&google_push=AXcoOmT08F4pVmuHwTZ4mYNgUePDqUGg67RPH2P8Ck8QwUC6L88OwdSkEHrQTyXDLMccRt9iEaR7Cuk_tkGeeKkOOtk2o5r9wq0
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmT08F4pVmuHwTZ4mYNgUePDqUGg67RPH2P8Ck8QwUC6L88OwdSkEHrQTyXDLMccRt9iEaR7Cuk_tkGeeKk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmT08F4pVmuHwTZ4mYNgUePDqUGg67RPH2P8Ck8QwUC6L88OwdSkEHrQTyXDLMccRt9iEaR7Cuk_tkGeeKkOOtk2o5r9wq0
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmT08F4pVmuHwTZ4mYNgUePDqUGg67RPH2P8Ck8QwUC6L88OwdSkEHrQTyXDLMccRt9iEaR7Cuk_tkGeeKkOOtk2o5r9wq0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 18 Oct 2023 11:42:54 GMT
google
match.adsrvr.org/track/cmf/ Frame 6166 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHtLCMMpGcQJzNTeXk-Q_IE&google_cver=1&google_push=AXcoOmS8ZhM3qh8rEsKv07DnvpJHfy9T2hsg4KcukpnnfVtypeA1chBYMSuN-fFCyvAl7KxoUnzaNONPQKUAO-Qn6y6cwst_5ksp
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6166
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENIq3FZwvd9acw0m0kAme7I&google_cver=1&google_push=AXcoOmQyppZ7qafSCBGuB40WE11M2k7TwKynSiraFqe0Za_xBw5RRER2SP9Lwrg7PJiIkLiLY85qiKPKZtsV5FJMFhteT1Q...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESENIq3FZwvd9acw0m0kAme7I&google_cver=1&google_push=AXcoOmQyppZ7qafSCBGuB40WE11M2k7TwKynSiraFqe0Za_xBw5RRER2SP9Lwrg7PJiIkLiLY85qiKPKZtsV5FJMFhteT...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQyppZ7qafSCBGuB40WE11M2k7TwKynSiraFqe0Za_xBw5RRER2SP9Lwrg7PJiIkLiLY85qiKPKZtsV5FJMFhteT1Q8wMRk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQyppZ7qafSCBGuB40WE11M2k7TwKynSiraFqe0Za_xBw5RRER2SP9Lwrg7PJiIkLiLY85qiKPKZtsV5FJMFhteT1Q8wMRk
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQyppZ7qafSCBGuB40WE11M2k7TwKynSiraFqe0Za_xBw5RRER2SP9Lwrg7PJiIkLiLY85qiKPKZtsV5FJMFhteT1Q8wMRk
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
/
b1sync.zemanta.com/usersync/googleadx/ Frame 6166
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_cver=1&google_push=AXcoOmTCMYLY-qbJP5LTsVMLJc7YmcDXCMKcJi9OzFcqEekl8C8YPUYCPeKULGR1GOUWxU-rwBZjJX1XV9vc7...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_push=AXcoOmTCMYLY-qbJP5LTsVMLJc7YmcDXCMKcJi9OzFcqEekl8C8YPUYCPeKULGR1GOUWxU-rwBZjJX1XV9vc7...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCMYLY-qbJP5LTsVMLJc7YmcDXCMKcJi9OzFcqEekl8C8YPUYCPeKULGR1GOUWxU-rwBZjJX1XV9vc7DolkchCW9QGncqT&google_hm=MnB5UTEwQjYtb1ZHenI0...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
HTTP/1.1
Server
50.31.142.191 Hickory Hills, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
sync-dmp.aura-dsp.com/match/ Frame 6166 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 6166 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUK42ww1M9dG4ZxN4ELwH9dwN1vtwhD4s8pcOX57OBaE7UtVQUO0JK6Hev
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame E425 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVpDiYlq8ekBSdlaHtPYKDHVOdjmKmqOWCBqvokEPJ_osok6aN4IQGDjBsmiTmmvU_1dYj4M2y2_tbGzPiKNHjZboH2j0-lu3eLscFP8N2SOG88_cQAzWNoGkwDbfU9zD2U7ttVAzIBl6FF10k6tTx6qK2eVcBRTNVoJVnpPisUVDbhsz1apYKV7YfDbzB9jlsAKF_VyHK18cqUp6w23drBfL0Tgg
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 543A 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 543A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACWsnx4Zfn18gFUybZO5hg2zValPAqmFbh-lc5Qm91YcCMU9cglG7UygA9Xqi7WpUKSp4-l_0dsdLgAS814NeAQlC0oaikNAY4AclpP4AaaZ2l7QQ
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 543A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17942352128628904040&x=1&ct=77
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 543A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:02:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
6018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:02:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 543A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
47257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:35:17 GMT
l
www.google.com/ads/measurement/ Frame 543A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtGTwcpdUqerHgwc_OVTIsbeMmZCk1_cuEOg9kA47ZF3OenngFkWW3pbiaCfnhRV1Qsq9gKQUr9sYM2XSbom-nby1u0g
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 543A 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:54 GMT
truncated
/ Frame 74D1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0445fac7355f5993d6aed3ff6a2b75e8b33fc251ef793f66933fc67e4ddc2c59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 5387
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1&C=1
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVjLRGwR9dsvAtkPo61g5MXj-WpnuX64l0J7_gX3slg2qdIf-019C_XY-D_NQlZAM_hy6D2Z79XDQwEnttHsh6U8V6zEjtHDHbQeL3pfui8bJFHYm5_LwyjcFVDLPQJ9tlMJL2nPCLGedv3a_qXRKHpJmvONNlkilVPSkIYtvZ7QabKdlYA08mxSwQ1DH2QJrOlE7BNDzrKVc9WuMRmdl5n_9Dirg
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA3STQuqsWB3z%2B9lLKtus57lGz6UWZJ8tyuiUB6orX0n4pZ4PhLUTQdfpaYfJ8Rv%2BBl7Sag4qxAR5iM7gx7mXsHZvb1X08NiKHjkPKqSUEuuRJ1Buo1ego2PHJ2fDs%2BaTPWBPeBI3Nh56g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8188c2a5abb830ee-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUVB%2FHnhE90Us85OCqJ2gzYKJ6Vlmdj5iOrPosPUCTErlgL7LA%2Bmh8NoyWkAI7sk1EdC70ZaSwfzGy4LIeNU7lmUWmDMrqDZvFsq%2BE9jc96vKjiB7FvCPdp1tt%2B4%2B4Ga3heFPApKjLJTOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1&C=1
cache-control
no-cache
cf-ray
8188c2a57b8c30ee-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 5387
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTEWPoQokV8Zhf5r42NtowAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVjLRGwR9dsvAtkPo61g5MXj-WpnuX64l0J7_gX3slg2qdIf-019C_XY-D_NQlZAM_hy6D2Z79XDQwEnttHsh6U8V6zEjtHDHbQeL3pfui8bJFHYm5_LwyjcFVDLPQJ9tlMJL2nPCLGedv3a_qXRKHpJmvONNlkilVPSkIYtvZ7QabKdlYA08mxSwQ1DH2QJrOlE7BNDzrKVc9WuMRmdl5n_9Dirg
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQVRCNgePE95r4u%2FYDMiPwlENZ%2FW3nMX4CgnPWschlLgQeLjAsGLEqK5fR62MKJD%2B3SwQrmMdTqXNQWU9YBPF8RXAlvh4eS1GTPcZFYhBPv3qO%2BjVdpGUI7U2v%2FPxx5WUZ41r1oG5dIpeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8188c2a5fcb31e6c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNYlXR6Hywmf3lFd8r14R4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 5387
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENL4U7ApOTa6In1ERsWQ0QA&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENL4U7ApOTa6In1ERsWQ0QA%26google_cver%3D1
43 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENL4U7ApOTa6In1ERsWQ0QA%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVjLRGwR9dsvAtkPo61g5MXj-WpnuX64l0J7_gX3slg2qdIf-019C_XY-D_NQlZAM_hy6D2Z79XDQwEnttHsh6U8V6zEjtHDHbQeL3pfui8bJFHYm5_LwyjcFVDLPQJ9tlMJL2nPCLGedv3a_qXRKHpJmvONNlkilVPSkIYtvZ7QabKdlYA08mxSwQ1DH2QJrOlE7BNDzrKVc9WuMRmdl5n_9Dirg
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
an-x-request-uuid
095d5939-3b36-46ef-8fb2-c051fc881c3f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.36; 81.95.5.36; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
an-x-request-uuid
2c6d3404-8742-449e-b902-0659f306deae
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENL4U7ApOTa6In1ERsWQ0QA%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.36; 81.95.5.36; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5387
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM2ODMzMDQ4MjczNDUzMjMzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM2ODMzMDQ4MjczNDUzMjMzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVjLRGwR9dsvAtkPo61g5MXj-WpnuX64l0J7_gX3slg2qdIf-019C_XY-D_NQlZAM_hy6D2Z79XDQwEnttHsh6U8V6zEjtHDHbQeL3pfui8bJFHYm5_LwyjcFVDLPQJ9tlMJL2nPCLGedv3a_qXRKHpJmvONNlkilVPSkIYtvZ7QabKdlYA08mxSwQ1DH2QJrOlE7BNDzrKVc9WuMRmdl5n_9Dirg
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
an-x-request-uuid
1dca76b3-228d-4752-adb4-0669739cbe33
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM2ODMzMDQ4MjczNDUzMjMzNw%3D%3D
x-proxy-origin
81.95.5.36; 81.95.5.36; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKoBFPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS6Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tZAtiMXkCEIgZpzn6i6zCNzrVi_jyAuNtKARmrLsJh8EfXMl832t4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=lTJbobJoA0s&uach_m=[UACH]&cid=CAQSOwDICaaNHlh15L5L_p-T1jSc2AC9WpZQS_vNKmWnM2zjNdT3euM9CRFcgjaBSmO1bhsil30C0KWnmWviGAE&cbvp=2&vis=1
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 74D1 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EOzZW-wEmAKdg2ICAgAAAHobFO5qgn2yED0WMWXAT8UZo5Qe8GI9AAASAAAKCkFRVUJBUUVCQVE&wp=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&cbvp=2
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
151895
server
Kestrel
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B40C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3871024961264&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B40C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3871024961264&version=m202309260101&ct=77&x=1&cor=4477964504335245000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B40C 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANRoQBocwKaQH-Gy3ajuUe_OJpKOk1zf3mLUZOLY6iuNtNu40iDcDNgade-Dqj8Y0-8G-K256hNodh3ZG1KPcKZCo4mVxcuT7O53UPIyX5fpkGulXuB1TL3IxKfDZtG72a8R9I7sksZtOOeRi6CQtmkPqIQO--_HalUPzY5Fvgd9MiG64&cry=1&dbm_d=AKAmf-BJoE5s6OmnC4FRxSZjc_LFvVT_TgSYwDzzO8upcTM5zjMydZH7xjbh_O2GA6j-p4nMTyu5B7Ly1MHmEANbBerO960-MEJB7lWZjsGbBiGa9e2iVEmP1whwjQr76C4GlL89r7VIoPZ4PY0phJSfSSZOrkbgv2lt42eik_AdyFUPRS6W2jFkQmfkkxmvorZi5yE1IohkzzkFeJ2A2vBbKyaJv2YDRFiiNd6bd822qA8YN_NZGBEMOlaemg8yMK50kvLQIu_okyTfPOG8NdKvy06oRf1DXV-JcpMuoRF4WZWOTzak_cuuqOW3iCPmXEsdoWrMdD-VFczMpYhEny5NghzjvejmDWY-KIp6x4uNbe5Jd9qF7Sgth8ZXyWPC3isfp16BjOBFa9ImcGkYNusqiLOOBsx5m1Ol9Qw3z3axdbAylNbmF2jJTeTBDP8ZYciJQgWJs1JR1IzhRgNp7YmYfXajn2B6q5MAPlH_QyxRJ0jB17tY1uNgrPLanzgz8xCH91lAuI8s1esigPeskpGn-IAzC70DnkYmV_9_fQTWHFbRm6z0mjuIGjooHJpBmPtkzmA_4FnrsIOk7QTN0jID8BVZtkl63AdQ-XXLnEvymKlkUWraLfrC2LJAFDe9-TkRbd-I_0q1w3_eKVqJlOmNY_xHRzCivn6W_mfRXx-IV9hmdaewP-FV82nKFQKTBnbaFXS79v13FIT-rBCny9hXIcbpdNQ3AAIA812Y_BdVVbplqzRNQo6mVSOjDldFcvMU7Nk_0bvlx88ct1yB3pXYWXsmNyGjRNSwgI6ANWUAmV1AXkMXeLw1Ck7m-V3eI0Mjmsfj0f3EAyPDZh6OpfvT4QWmls5LmKCgO2zOa5XX6JvNyKB81fWR00UAGOOMXPHHUae1PgcsJjUdPaUpS7WygS4tZOdLTxFGZ8EAaQJ56EWpjLF6vCtYPdh6VODPDS3qy8EruGUVos1NtZNlUgwff4_ZEBi0Wwh_Oy_9CSydMfv8LSq_lbYQx3WGw6ZQswGZQRiAGUsoOlnZYCucAoACcD5RyOM4sake0XQOhn3XyXptRWtkTeg2nx_MuaXGvrJNOg1JPM93G_y-hpImBhTbUslq640GVvAzCSm4FTVB7cugRh0KpkZxPP8MT3oAHMFRXPuV_j4BIe6E1USCUV_mtdV80nZgse7GyIT7fND1Mo3FNrV46Z1Sqe7RTX_hq1uRQfoB3vEqSnB2Txb_CS7F4PmeAZOolyJOisg_QEMtWRXVgOcNoG9gCX0lKb-Qeo6hcMtXzkUCL3jLw2u223rsetXeLWvISSF_aOUyLmrgSwrVVUzPzY54GFbvsvSWIf7jCVMbZnVvCfViWt1ZGDZ8Q4l7kjnNkr_nuDdrVLyUTczBAu1ySqnhqn5JOERPdw3b7Tm9AnsFiN2A7e-1G2MX2kl1EInHPceYtEkJ3tch_fwuiQGjukU5146M6hg3-Qdc2RA9BBuevY1HVXofLbCqBcJ0JfoHJD7JKH1W9PLnKeZwCWz8Egxqx7YcZQRFhP0Fo2NWtw54WVaLHgp8KKtHRFGS81pqC3HQ_GM6oRx5TtusPeTQUR12Pzx42Y6GOtUSq7yxCyOjWdHTSXovK6k44coXH9Pn4QX-BLIYc812Wli_ey7m6y6AuQ13oKLwSmsrm5XJOO8cZNicyW0jNSdFYXKvuHEnxI_ZsCCmZmtwPV_MDeH_461GU7Qy_cibKDZJb_RraNZ683Lc2nZYnIMR4OUKIVXBnKmsLmRhu2i95PAGh0CkN4NjzfheFCVATC3kRJow56SFyu19_aX7OZZ7ex_4ylSiICFc8VBEiUX6Jy2x6HlOJJ-24pPhTeN3R7fA7eq3NPrfCHCENXZR1iiYaDMLczpJDtIwAqPFL0MFmy247nWgmarXvDqBOBvCKaIeEn9bkFN3tIrQ6G9rFuz9fv76_6wiAdy51dx9DFqj_M30tQOB1mqGt_Eyeb1Bq4erD4wDrsyc1UUPyNF4XAkGr731dZ6aNFPoLZDAXHMWArP76ceytfUhqXH5ub0qjrBzcnZDHDfiomhnfUQfc4U-Dzxa89CKKE2uWorUjf2UhCwDjd-epTzURSLHrCOjkxxJeB6bCv1yhrS1xaCES8KaZ4bPl5PMz75apskMhtZZXhptwGnanm7El9umdYjcf95NWXmcaBCzA52C5fLJV9nWZvcJyFjs91aEvTR-YDHYL77In5_bc38Ei5M-4Z7DWbhR2ReZwUsoaA2EyF-hXDiN3nMpSrBDJQBzQn-5VBN6vLOVZWCgwNMwTYs3DnnKJn-cxIdtxrlWifu8T501IkT3YnS6H7gG_ok-dIhlTkGnVu2xAgkFuoYM7uuHmncU0Z-0Xg_sjJB7ZisCEY-W79eVx5i9kKzZ54Kzv_-qDcoPaGKIvE9WW4sRiZ3nvhjyuZDfSJmlADkhKgGtKZEpSkrBdt659N20WeNzZwveDKEyB3OV4j3IXs87mio-KoH_ETu0QP1o1xNDv-N7TDyB5N80nvdkkIfHyRzrj0APe0K0CYbPTw_yKcGKnKjRL56WXysZFD9pLw1abBDGFZ3y8H3kpOJPoW3LJ_a2ZiZ1QgcVNEbf2p7FP5gONhGbxoHb6jLCMEwndzrgj_5lA_hLpvFULJYuE0s19-TBmqgCFZnyxyQ5HrunDOE8e3r37PBQXw1GdtZAwlXAA9fG2ICfK6oo2zj_to0A_vl7ui-P9sFUk5iBqXa7kdsKWCpWVG-ZxIaUrPmK58NLagUbRuE-uHKjMCIET7sR3B64JCdGZc3SUdwPnWJmloCWoOELgMwuMNeQNjKsyx_9-Z3KPeip3BxGD93aICL4r1qIjoO10Tq-P9cyadCq5xo447RukCGSZUoz3tFjXrEPmto-qqxVbF4LwxhFG2665empm1dl35jr7WdgpL4ascFsxei4hfjVBCxmGJCY0UNnPj48loD5s0vUBSx4f_GsDhdaPuBHUA1OylfjEErLkCrWZQ-2CzsZeyCJImw3o6MbLOMCKcX2ycKld1z6HloImMkrzszPkYstKvPP9Q-nZ_eEE4hMqEnQwo4jN_SowIV0MQjr4dlmN-G6s2m2ayKRCg8Mb2dQP6NCUzncmGnqXZCBgQlQguXnwNeRdLBOiv416I0vtUVxfSmgH-v4C0qrzjZ2MJ64aB6lFePLXo8B0b319hJLuUlfGuCK-00iGGIZjsHSc97UiKl4MSHe5vlpPG9L7J89Ys0lrXGSgCH3lGcTS3PdXe3hNUYB-F4Ky6miE_X7TDDiHedAS9WDqQ0LqywX8vEsm2DsVRPO6Hl4MwtYfwvyzoEjEGFOI04LFvAP5a-SFhXrrpri0iFo7ljl_sUA7W1Ar8f2sLv7hY7mWDB265aDkR6kIjuEX7pYlKSd3mOY3HWIT0W3cAkd6KPnQLgI2T1_Ovo59Q4dX74a9KoU5iFnKSbZlGBrjlhMXyHNlSOJNn2IQZO8ldFCt6C_ky6o56aToidlgxQCkVbfPYxTyxNeJN7qrAz7rwWYqlKbw1CE8bllo42qh3EvkCiHlc5YOrdJ5GwZFhXXytBnfAXvkKkp6mxw5F1HhcLf-PpMHBrSXnP8EOYWFIrf5Nk39NQn56gWkAh1CP_SzXxj4nwMzriEUUptJlWjXq5OgJtH9j7AYeU7Y21AI9-9LJ4dZvSrx48_FIBiKs4eR69fb-jkh5zuJQPTCcn3yoolMz6FoUrjc_b-nkKiNGGHtVeRTzcJnhhX_RYDgUOm0II5blZlV68d4gssVRZAq_1AX-62wsarBTudr0Ykj8i70OHAMXEos6qnaMKgN8YrmjsWLBFBYg7txu98v2BhnUkHYGhUNXiDxk7qVqyuyY-L90FfgPr5ddI6zCaL7YugseZ4uZBi7Qk4zQh6EQ_7QLpjwmZZGn3Tpw9QuJYNwLwp9qZdkoEeh80E49TMJ58wlNQCTE765UeMCqg3uwafP5uvNIpw&cid=CAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fchatliv.com%2F&ds=l&xdt=1&iif=1&cor=4477964504335245000&adk=3047537735&idt=96&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0eca345d516df2948402419c2b59c1843242bcc86c26cb751721d2f83869668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11947
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E425
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKr9s2HSGxEgS0yUOeHkC-Y&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKr9s2HSGxEgS0yUOeHkC-Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVpDiYlq8ekBSdlaHtPYKDHVOdjmKmqOWCBqvokEPJ_osok6aN4IQGDjBsmiTmmvU_1dYj4M2y2_tbGzPiKNHjZboH2j0-lu3eLscFP8N2SOG88_cQAzWNoGkwDbfU9zD2U7ttVAzIBl6FF10k6tTx6qK2eVcBRTNVoJVnpPisUVDbhsz1apYKV7YfDbzB9jlsAKF_VyHK18cqUp6w23drBfL0Tgg
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKr9s2HSGxEgS0yUOeHkC-Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame E425 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVpDiYlq8ekBSdlaHtPYKDHVOdjmKmqOWCBqvokEPJ_osok6aN4IQGDjBsmiTmmvU_1dYj4M2y2_tbGzPiKNHjZboH2j0-lu3eLscFP8N2SOG88_cQAzWNoGkwDbfU9zD2U7ttVAzIBl6FF10k6tTx6qK2eVcBRTNVoJVnpPisUVDbhsz1apYKV7YfDbzB9jlsAKF_VyHK18cqUp6w23drBfL0Tgg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame E425
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIbltGw5AsMX1OGB2XQc3O0&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIbltGw5AsMX1OGB2XQc3O0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVpDiYlq8ekBSdlaHtPYKDHVOdjmKmqOWCBqvokEPJ_osok6aN4IQGDjBsmiTmmvU_1dYj4M2y2_tbGzPiKNHjZboH2j0-lu3eLscFP8N2SOG88_cQAzWNoGkwDbfU9zD2U7ttVAzIBl6FF10k6tTx6qK2eVcBRTNVoJVnpPisUVDbhsz1apYKV7YfDbzB9jlsAKF_VyHK18cqUp6w23drBfL0Tgg
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 11:42:54 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEIbltGw5AsMX1OGB2XQc3O0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame E425 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxji8LvGATAB&v=APEucNVpDiYlq8ekBSdlaHtPYKDHVOdjmKmqOWCBqvokEPJ_osok6aN4IQGDjBsmiTmmvU_1dYj4M2y2_tbGzPiKNHjZboH2j0-lu3eLscFP8N2SOG88_cQAzWNoGkwDbfU9zD2U7ttVAzIBl6FF10k6tTx6qK2eVcBRTNVoJVnpPisUVDbhsz1apYKV7YfDbzB9jlsAKF_VyHK18cqUp6w23drBfL0Tgg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 11:42:54 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
privacy_small.svg
static.criteo.net/flash/icon/ Frame 45AD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 11:42:54 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 45AD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 11:42:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 45AD 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 13 Oct 2024 11:42:54 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 45AD 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 13 Oct 2024 11:42:54 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 45AD 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GZ_tckrGkKAh0kzhgRmYyOWJSL3nJqb475aOFYWj0zBimdvOIbO7bNYv0r-57LcErT-tjppR_o0hIln6vIR-PxyuePzMVr3JWUvyVMBvwgRaWEJepXxNrQSSrDyjEL32iAl0q-zDi2FHV0ACw_0COn5HJpfDx4-UqF2plME3W6hwlAREzVG0p1I75BHqbBxDnF7u-jv9Xx1HcA8NeKMt5pSGuV9feIbVRj6bgRRGnP0rlwcBBRNnJq4FoWWF1DK8c2ikktwQTc0XznSNWSD4H5ZLl62Oj_JcpX1zlqsbB20-yxNlcYU-w7Np8N-BSUKFxV_SHVuyt6GImKLRWRsy0EMY-8SdY013hlr3yp3MS0xx-wXdLsAD6c0qwP9nHsd1F3No3TlNita-h2LCXHyGIOSwWQ3zWe303SJeeTi1njJJHRMc
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2566504
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 45AD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2920798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0j0MVLiAPfCydtSUrjUqcfqS2fVX1zCFi5EFeZcWC%2FE7eHOP3nQukgezrs5xjg7d93TsU2u6rURFc8ju5Ew8u2ayJH0zVfVTGGL%2BRrPW2ULSpUDTtox1LAZZnDpwj1Qw9guQJzNy0qaxMN2jrh7PcjP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8188c2a5f83c92a7-FRA
expires
Tue, 08 Oct 2024 11:42:54 GMT
animejs.js
static.criteo.net/animejs/ Frame 45AD 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 11:42:54 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 45AD 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 11:42:54 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 45AD 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 11:42:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 543A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8601019939336&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 543A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8601019939336&version=m202309260101&ct=77&x=1&cor=17942352128628904000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 543A 		19 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSTdl0hJJQ_FqwPFhGiKsfvOh3pcNoanSsXJEQmT480-zX3M8erwN0LzyA23UlZphWXuTUITLheUPF-ZmBV1N7iqW3ntoKv6fe7W9btxSJVb49OdqqMBJdVleBdU987zGEY6WEpwzM2RDpv2DqiAa42ehBMdqpadsPFlf52fR18MCKnlg&cry=1&dbm_d=AKAmf-CqMIjYsFo1BPcX2AAdwLhdEwqIu6VjDOOoZ3PDdeYNLQRHOyonAsSC5amPkvTbGX650eRmeGnmlT84-9g1L76zR8PHcqJfJQEkzV3qs8-bNYhj4_BPC3T7O8BCXPYs3_yfCICNGpztvhDfN9yHT2zgmP6VzUZEOO4w7hMIij2rxvl9q4eS0i9zdVN1zuXpFCRRY8ChZiBrOySbAcTZRBeosdyF414MB2O09KP3Z-Se6TQQZ9SYgbPNJH2Ecmwpq8djfeFp8Qt5r1Gj6FPalaKio_NiiAzdIE2ci6X2fWnv4Spi7kORVCTIYr-Zn74-uh-gg0Purgva73RMAZ2ghKhWZ4e5ktVfuGyCv0UvL0GPvPxRJEmlIYLvPlCCPNPLR3vbQG6aF9fxJd1JZBK-uzv3dDDuv6otYBWH85UW73Y_bvhhaUXFpIYJiIm-hL7_weKkm1EqBfiaE9MQxM3N47U7iEsozFsViTG-jbDxbJlH9fkmGpImkEEY7lykJrItsrDAQmaHzeUcN8AbBE1hV2WQVaat-RuqjqQZJlv-Yv7w0FKDYESwZ2wLIFG2w-TmAOvgB1L9zttn4ePaeoz9MRjMHvj7gev1uZf1xG0uUhwcLH7owS_uvlsRj7xftjtRYMQpPsGZIpOlP6AkdKY9ua7YeHvak9IEZCoFZHCB_EtKjlTv7GZ2g4EXD9kT5idrARFhTymnWqjNY1ITc4-VJU7a4Wu3pPIZ-Ir4LAjZ7mti0rLDYzgozyyYkThWOQK48FIU3axinZ-5l2hVmXqvB-O0eugZlr7f3EfwCdxehB_ENrGZnyZmifiYEYvgQ67ogvwU0PEjRaeK_5fCgs97Eda-n6nibzwajyorjhbIy9t38T3rzod51KvFUNw5XTYRj89I3enddu5LhFBcccCjcQD6stMlNfIZGh5XiI11t8w6HmpgjXyTd6DtYfTGOVkx9WkR7dKUumMcyNXowroFUHGIltWkzNZqAyewXqrFXku5fqJqQhGff-LIA_X5y8RdE0gpvqZGG33QrxcwU8U_qAYRD-DhPIS8OoOOLwFqrDv27aOSj1eyXc2E51VdxJZPMlSeYchRQ-KMqooiGAzpt8OFSR2wuYdoRIpJnKK4xk3iMnOOrRB2Rd90e0teFLh_BeobrhdazB2UHK_UyuqhHSSbnjORMxP3BMu1tVJO9iEZviDMKQgYwVff7HR6zKG0GW3tSYgTjKdalSK-IXQSYJHkQY4tkFWcFLJwIxtJodh41rSH6Bv9pZfYSNfy5b3V5H78sCOoptAMtYyBddkuA22YnTM0SfILgWIp8hu6O_iVdeueClnXJbYEbO1qQ6Pg6kNZ6h7mFYHE9O4GmX0Qk9dx-hqu3H99CWbblwPjUjQC5ZDSkVMmR95SJFc8sytcvOIknCoNvNUSpNkLMlTQbFcHJvDHScGP7S6hVg_hywaqehu9QRVvk6yHB2TLGiWotUIgqb2O-cUlPRn687xBKh59TgQRtKkVx5koN1727nMOP5q3AJcmpUxZQDwUtqvxX3YfwMr1A57Qb8eI-xjv4W_5H18PcQjlwPD19j1YQBCjbk_gxlnyQWGAb0kU48FjZ3-nvSMeaILY1Hv5jsPrEOABlDMTyhJp3VVST7Xm1AeCXy8p-Z0dwbGwf4_dOhYTUyZvKBWoxWMdHAlPzRpRM1FN8_cC8r2cqRCjkQqMkqi2At4Xh8YuipGdKsrofO4ekXMRQ1tCAvDm7p65BkghYVI4WZTgyVa7tSq8xLz56KFoAvM_NuSd6SWzvkOOMCyBJM5NX9EMLKbNgJyYiFl3KKsEpWA49wr6eRX14e7oiL0Jdlmji67U2Jjhi077kOLrK8zCJZqNM91Ajv-72xcAud-XK0OzE58rxnV8XbHpXzbwWfE1Lhj42R892wqrwZiKMi-Cht6M8b0_yOkY3dz2Y8R-3gEE6Y3QnCFgGe4zXuXKtO3RTVh6BGLf5w6LSUjiYhDuEGBWWdv0mW1ZJ4HgFgkmflGcveabyVtHE-PHVsvQFmJbfYJIIXEG8b6Jm3oR1e4euvL7Zgf38qlOlvOssETcAICUILVHHvOwqdlwp2WH6pKhzLFK8bBWqIlFya82UPLAVFb0sGdrfAnHbJ9AMpCZDlkCGgsBXPmmQ_ixOGD4fPNgKnGPpDZKn1tOecOu6wWqfB0lGmzolnifzYI8qGQYKQ-YNPZNjh5rbuRkVKgldVOnEjx7m_jwA3jPIQk4Vb8KKcbAXaHH11ZxZw95RJdcWd2W1SPo8sSyoWPI8vwZvn64D2UJn5KoX9UUwsZQ5mNX6tGSAVK2krJcGtLZm6Ko931dwaG9NlMyzUoc_R4_Vx_glEk8_B11PCN3lHOLhDpHX7OrMdEz_x7kHuhl6Gtiz-_xt5WQEuU-8cwQkSqJ-xHlc1jXYN7Jt8yEOpcgTP5248Jl0yUrNhe4agHLeETwXDqe1y0UafIJamZutgC3cTi1IhBExBVUaJ_nvBhc05a4QyMXTVdep4bUW0NuHcpYcMg4Aw0Ps2y_y3C77rmWcIsNwiJkX3uLkOzlVSQrzzl37hBXYpf6QL-K_uMdaqwQlDREo203K62yd1Ej1fR35NvWDX0KJUJP2GiwuCVij3mCKRrXpDMc0Nner7ntoAdAA8ORIbxZVTYUSvFHAh5saSOwwzVxpovgNLUlI0ZPxCsWfNFXLlnf3tiTM4NFBbU8cTStWLy_ic8RaK3HPkzflVQr6-yPpZu-NmlEHoHWgYGXKSiZJRTX_awyf5KQNwT4Nftywoghtlh2MXnSXj75DJKhvudJPFD9fViimKC3e3aMTljSGWMMKzcSSbRVgzItPXEZiocCIz6RwXmG-qaViS1mYXPbRTTrpDCgwECYPO5ZkcHUrP1fmk7YUqrpQyjm2-jwKeacZzaKJ16OtnYOVmLmDlyNAlPRCo8h9zQeWBQYPxCpqF8EJW0iv2HPq5_GOIGByDhqk7qDAEoi8ySMtu1f9H_uE_zT4ZKHnckEfSZooF1mbiB1asF2fhsP506zHWpCJ_6NR8SNz-jhytW68j9aLUNaxHJDD4bYe4PoJcCZ76Ho_ZreSiNtzEg2bUno3yhCMOkyrHfcwfRSIU-Df6fGMZiuO2Nkw-d24Syi3mJjP4P9dXW7txbVEbukNVXVD6BGFE8muq1MMar8JeALWkEGYolca_AISBURBMfBzFWTZZ0CQNyZRYtMVYOC6vEjeVA0fUbI0pnfLG6wSPS-uQdbFOCfZXCmScmj_ibeMcpCU94jqNkEKlmUARQnTwECZqnY8Iqrcc8cU1xvaFMmh0_6kKvBU3IS78md1gw8s0pTP0VlTQgC9lxBnxk6tPk30R0uYkb1VvlbtXhXSLz7g8Z5pPT74B4_UnSLIrYztafciI7dQrXYWfqFVLExnPDOjA90I0nckOdCDJ4snRgy8nVIJI1l5Up9jExXP1g44VxnlgIS8D4dvGdhrR_1nnjqeIy6bl_l7ixJ1vb_V17rvZHt0PD4rG3fq3B1TkGzyj6m9FU_s5fMXrOyvG6VQvhe2ZDMWAGEPhLMlWG34UOZjxoJ0QUhWDVPPMwrKJiYym038qdbn3A_BrFH38lB58UKgW3PbalhilMWGPvi0H-DMIYA7qL4Caoa_luqwc9zQT4D8Vcp9pA1wVMHGDWRrVDJfZGlqVWNSLA1IPOLCuug1rDFpc2hHLXduouyrgkfbC_FJpjLxZfsa9cSwkDV-G0F6SUPXdjX1rYceKiLqVEudZsvlff-i33WBFB8FeU9FM_FDDnCbVtquVCC5n0kMyclbQsnJR5s8gv5FnlXmw3HkoHtmh5VqHfB6vhHrMrgz-mT3RGKNL_gZQGKiToGh-_q6C2wxVVUQbIPG6y9MeQr5f6llo7mpYh1XQLoO1IKf-ULRH3Vkty9ov1x5m108ZE4tH8IK5aXSwhB_NvysztIPRQXlWMOBxwrRZLFyFF7l8QkgE7j&cid=CAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fchatliv.com%2F&ds=l&xdt=1&iif=1&cor=17942352128628904000&adk=2086295851&idt=114&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b9a505804d0f3771196ebff4c1c98bb3b0adb35b3db74f92732fe4129b13e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13773
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 45AD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=196&rid=4&s=-DxG3wk5ENUM8GvYIdYD6nq2
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
59d8b805b12d336d283666c0148287dfd4238f893d5ed7364ac9b542eb160853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
3824
expires
Thu, 12 Sep 2024 03:34:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 45AD 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F5026674%2Fbf18f9721c8c4db4b2af9413fd1473d6_img_square_1.jpg&v=3&w=1200&rid=4&s=ZN6QrhM7oW0a8cku4ytJFZsx
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
69c5c03f98c10c968216bf232060f08c5c0e87e648db0e3f13963ccb195d3c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
109850
expires
Mon, 07 Oct 2024 08:19:40 GMT
img
imageproxy.eu.criteo.net/img/ Frame 45AD 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&rid=4&s=LMbwVQqqZkIT_OqRJg0FwumN
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a71193943da4f3877526c6f868c74c829bff69efae4a45b82b51eed31916dc74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
1484
expires
Fri, 04 Oct 2024 16:03:46 GMT
img
imageproxy.eu.criteo.net/img/ Frame 45AD 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1628767491%2F21174104-yvXUumn0.jpg&v=3&w=400&rid=4&s=mG-Thoxr__00yfzGkFBGQe-P&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f3caf8a629cf1aa871edb49135e7edfa2dc9f7944eac5d4da7240bbf4d16b732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
15812
expires
Fri, 20 Oct 2023 14:03:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 45AD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1684482310%2F23068623-7MUL4wlu.jpg&v=3&w=400&rid=4&s=EkHnQI9ACqdkO5TrdcjCC-tG&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b9e89eeacee5dd3c042b02f402c7f9ea81f4d90e5869d0da197873bd9eca4b37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
7684
expires
Fri, 20 Oct 2023 17:01:29 GMT
all
csm.eu.criteo.net/ Frame 45AD 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=RuvXT74Adt7fC6NOZyQHZPZeJYKTC4zqhuN_yD4voMH2SOTnXHFzz7vcC4tjI8RPHE1Jo26B-BYPhwwKa2UVeO6O4drYD-te8WV1LyitF7lGhpHbH-X7rTtQ7tWzwY0WTkN2F0bKXK5BbdkS19LgZFnSKiSWkx1Fb21YAGYfxZCw0M20edLYz_qRvmWeGzBj_Rbmu1iJ1iOVWc3gK5tDwFkak4HPQaO3WQmk1lt6QY7J6I9g02DSls13tcRztccF1wVcGA&sds=2&rev=88955&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 11:42:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 45AD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 11:42:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 45AD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Oct 2024 11:42:54 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B40C 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANRoQBocwKaQH-Gy3ajuUe_OJpKOk1zf3mLUZOLY6iuNtNu40iDcDNgade-Dqj8Y0-8G-K256hNodh3ZG1KPcKZCo4mVxcuT7O53UPIyX5fpkGulXuB1TL3IxKfDZtG72a8R9I7sksZtOOeRi6CQtmkPqIQO--_HalUPzY5Fvgd9MiG64&cry=1&dbm_d=AKAmf-BJoE5s6OmnC4FRxSZjc_LFvVT_TgSYwDzzO8upcTM5zjMydZH7xjbh_O2GA6j-p4nMTyu5B7Ly1MHmEANbBerO960-MEJB7lWZjsGbBiGa9e2iVEmP1whwjQr76C4GlL89r7VIoPZ4PY0phJSfSSZOrkbgv2lt42eik_AdyFUPRS6W2jFkQmfkkxmvorZi5yE1IohkzzkFeJ2A2vBbKyaJv2YDRFiiNd6bd822qA8YN_NZGBEMOlaemg8yMK50kvLQIu_okyTfPOG8NdKvy06oRf1DXV-JcpMuoRF4WZWOTzak_cuuqOW3iCPmXEsdoWrMdD-VFczMpYhEny5NghzjvejmDWY-KIp6x4uNbe5Jd9qF7Sgth8ZXyWPC3isfp16BjOBFa9ImcGkYNusqiLOOBsx5m1Ol9Qw3z3axdbAylNbmF2jJTeTBDP8ZYciJQgWJs1JR1IzhRgNp7YmYfXajn2B6q5MAPlH_QyxRJ0jB17tY1uNgrPLanzgz8xCH91lAuI8s1esigPeskpGn-IAzC70DnkYmV_9_fQTWHFbRm6z0mjuIGjooHJpBmPtkzmA_4FnrsIOk7QTN0jID8BVZtkl63AdQ-XXLnEvymKlkUWraLfrC2LJAFDe9-TkRbd-I_0q1w3_eKVqJlOmNY_xHRzCivn6W_mfRXx-IV9hmdaewP-FV82nKFQKTBnbaFXS79v13FIT-rBCny9hXIcbpdNQ3AAIA812Y_BdVVbplqzRNQo6mVSOjDldFcvMU7Nk_0bvlx88ct1yB3pXYWXsmNyGjRNSwgI6ANWUAmV1AXkMXeLw1Ck7m-V3eI0Mjmsfj0f3EAyPDZh6OpfvT4QWmls5LmKCgO2zOa5XX6JvNyKB81fWR00UAGOOMXPHHUae1PgcsJjUdPaUpS7WygS4tZOdLTxFGZ8EAaQJ56EWpjLF6vCtYPdh6VODPDS3qy8EruGUVos1NtZNlUgwff4_ZEBi0Wwh_Oy_9CSydMfv8LSq_lbYQx3WGw6ZQswGZQRiAGUsoOlnZYCucAoACcD5RyOM4sake0XQOhn3XyXptRWtkTeg2nx_MuaXGvrJNOg1JPM93G_y-hpImBhTbUslq640GVvAzCSm4FTVB7cugRh0KpkZxPP8MT3oAHMFRXPuV_j4BIe6E1USCUV_mtdV80nZgse7GyIT7fND1Mo3FNrV46Z1Sqe7RTX_hq1uRQfoB3vEqSnB2Txb_CS7F4PmeAZOolyJOisg_QEMtWRXVgOcNoG9gCX0lKb-Qeo6hcMtXzkUCL3jLw2u223rsetXeLWvISSF_aOUyLmrgSwrVVUzPzY54GFbvsvSWIf7jCVMbZnVvCfViWt1ZGDZ8Q4l7kjnNkr_nuDdrVLyUTczBAu1ySqnhqn5JOERPdw3b7Tm9AnsFiN2A7e-1G2MX2kl1EInHPceYtEkJ3tch_fwuiQGjukU5146M6hg3-Qdc2RA9BBuevY1HVXofLbCqBcJ0JfoHJD7JKH1W9PLnKeZwCWz8Egxqx7YcZQRFhP0Fo2NWtw54WVaLHgp8KKtHRFGS81pqC3HQ_GM6oRx5TtusPeTQUR12Pzx42Y6GOtUSq7yxCyOjWdHTSXovK6k44coXH9Pn4QX-BLIYc812Wli_ey7m6y6AuQ13oKLwSmsrm5XJOO8cZNicyW0jNSdFYXKvuHEnxI_ZsCCmZmtwPV_MDeH_461GU7Qy_cibKDZJb_RraNZ683Lc2nZYnIMR4OUKIVXBnKmsLmRhu2i95PAGh0CkN4NjzfheFCVATC3kRJow56SFyu19_aX7OZZ7ex_4ylSiICFc8VBEiUX6Jy2x6HlOJJ-24pPhTeN3R7fA7eq3NPrfCHCENXZR1iiYaDMLczpJDtIwAqPFL0MFmy247nWgmarXvDqBOBvCKaIeEn9bkFN3tIrQ6G9rFuz9fv76_6wiAdy51dx9DFqj_M30tQOB1mqGt_Eyeb1Bq4erD4wDrsyc1UUPyNF4XAkGr731dZ6aNFPoLZDAXHMWArP76ceytfUhqXH5ub0qjrBzcnZDHDfiomhnfUQfc4U-Dzxa89CKKE2uWorUjf2UhCwDjd-epTzURSLHrCOjkxxJeB6bCv1yhrS1xaCES8KaZ4bPl5PMz75apskMhtZZXhptwGnanm7El9umdYjcf95NWXmcaBCzA52C5fLJV9nWZvcJyFjs91aEvTR-YDHYL77In5_bc38Ei5M-4Z7DWbhR2ReZwUsoaA2EyF-hXDiN3nMpSrBDJQBzQn-5VBN6vLOVZWCgwNMwTYs3DnnKJn-cxIdtxrlWifu8T501IkT3YnS6H7gG_ok-dIhlTkGnVu2xAgkFuoYM7uuHmncU0Z-0Xg_sjJB7ZisCEY-W79eVx5i9kKzZ54Kzv_-qDcoPaGKIvE9WW4sRiZ3nvhjyuZDfSJmlADkhKgGtKZEpSkrBdt659N20WeNzZwveDKEyB3OV4j3IXs87mio-KoH_ETu0QP1o1xNDv-N7TDyB5N80nvdkkIfHyRzrj0APe0K0CYbPTw_yKcGKnKjRL56WXysZFD9pLw1abBDGFZ3y8H3kpOJPoW3LJ_a2ZiZ1QgcVNEbf2p7FP5gONhGbxoHb6jLCMEwndzrgj_5lA_hLpvFULJYuE0s19-TBmqgCFZnyxyQ5HrunDOE8e3r37PBQXw1GdtZAwlXAA9fG2ICfK6oo2zj_to0A_vl7ui-P9sFUk5iBqXa7kdsKWCpWVG-ZxIaUrPmK58NLagUbRuE-uHKjMCIET7sR3B64JCdGZc3SUdwPnWJmloCWoOELgMwuMNeQNjKsyx_9-Z3KPeip3BxGD93aICL4r1qIjoO10Tq-P9cyadCq5xo447RukCGSZUoz3tFjXrEPmto-qqxVbF4LwxhFG2665empm1dl35jr7WdgpL4ascFsxei4hfjVBCxmGJCY0UNnPj48loD5s0vUBSx4f_GsDhdaPuBHUA1OylfjEErLkCrWZQ-2CzsZeyCJImw3o6MbLOMCKcX2ycKld1z6HloImMkrzszPkYstKvPP9Q-nZ_eEE4hMqEnQwo4jN_SowIV0MQjr4dlmN-G6s2m2ayKRCg8Mb2dQP6NCUzncmGnqXZCBgQlQguXnwNeRdLBOiv416I0vtUVxfSmgH-v4C0qrzjZ2MJ64aB6lFePLXo8B0b319hJLuUlfGuCK-00iGGIZjsHSc97UiKl4MSHe5vlpPG9L7J89Ys0lrXGSgCH3lGcTS3PdXe3hNUYB-F4Ky6miE_X7TDDiHedAS9WDqQ0LqywX8vEsm2DsVRPO6Hl4MwtYfwvyzoEjEGFOI04LFvAP5a-SFhXrrpri0iFo7ljl_sUA7W1Ar8f2sLv7hY7mWDB265aDkR6kIjuEX7pYlKSd3mOY3HWIT0W3cAkd6KPnQLgI2T1_Ovo59Q4dX74a9KoU5iFnKSbZlGBrjlhMXyHNlSOJNn2IQZO8ldFCt6C_ky6o56aToidlgxQCkVbfPYxTyxNeJN7qrAz7rwWYqlKbw1CE8bllo42qh3EvkCiHlc5YOrdJ5GwZFhXXytBnfAXvkKkp6mxw5F1HhcLf-PpMHBrSXnP8EOYWFIrf5Nk39NQn56gWkAh1CP_SzXxj4nwMzriEUUptJlWjXq5OgJtH9j7AYeU7Y21AI9-9LJ4dZvSrx48_FIBiKs4eR69fb-jkh5zuJQPTCcn3yoolMz6FoUrjc_b-nkKiNGGHtVeRTzcJnhhX_RYDgUOm0II5blZlV68d4gssVRZAq_1AX-62wsarBTudr0Ykj8i70OHAMXEos6qnaMKgN8YrmjsWLBFBYg7txu98v2BhnUkHYGhUNXiDxk7qVqyuyY-L90FfgPr5ddI6zCaL7YugseZ4uZBi7Qk4zQh6EQ_7QLpjwmZZGn3Tpw9QuJYNwLwp9qZdkoEeh80E49TMJ58wlNQCTE765UeMCqg3uwafP5uvNIpw&cid=CAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fchatliv.com%2F&ds=l&xdt=1&iif=1&cor=4477964504335245000&adk=3047537735&idt=96&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
63611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
container.html
4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 412F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:53 GMT
expires
Fri, 18 Oct 2024 11:42:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.2&b=3&r=chatliv.com_auto_interstitial_desktop&sy=24408cc0-e875-415a-b642-32dce43d9e8d&ts=72&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=chatliv.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=e231d3bc-a4ea-4cbb-bd3d-587996d61bbd&e=lm&dsReferer=Y2hhdGxpdi5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HATSAPQSQYSWQWCE080B276P
date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
age
931536
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
8188c2a67f69914d-FRA
dw2f2jftxlut
hal9000.redintelligence.net/zone/ Frame B40C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/dw2f2jftxlut?subid=&gdpr=&gdpr_consent=&rnd=1697715773878235&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPwjMPRYxZZvNNZGdlQf6sJfQB6blvaBpzZGcp8kP8C4QASCVm8ohYJWCgICUB8gBCakCBx2cGeCrsT6oAwHIA5sEqgSOAk_QREurRDg3bnVPmAn1FTiROLJDXPAMK3jb9QCqjg9VwF39dI5kmT2M1miMEltwkFrPmdL1UxHnv_Z1VFz1cuqI9ARd45nB5EULwHM3424NtmpIs9epNYFag5N3chiky3fp9khY1EK8c6MO0xCpJ5GukalcoceHity-VBENhD5SLThwWvyZNAGa_QfPrQ3cqC7e054qw8tEkbpBH5Cd8rYXJI_NIzn_oJV1HW30yRcVRAOZK9oSfdiRzxd_5E92JNoNgHRwBkbc89eZ4Y3fyRZHf4cCVIh9qaiQthzCfR0ythvdvYJiMDjCel83-bA7DXORraY6dEpevVnNIwSqrU1rEqIWtfehaQ1gr7guisAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzc5MDc4MzY0NDgzNTc2MIAKA5gLAcgLAYAMAaoNAkRF4g0TCJq4hY2EgoIDFZFO5QodetgFerATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE%26sig%3DAOD64_2khui6y5WEEezcKL5I-fp_wmsWQg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A8pN2UtWAwMsXx46lRO0Z5IyABFTr2bCZ_S7xqmcwtpYJmai3HMb_a1IpiGOKFFyvVDb_WNVLnKReTWSf0DJee_dWBpwa43Nrhz3pASd6jsENEwEL1cnKVMYABxkL0wlhGsTxyiKQ5NDcEEavXMEwCuiP6EmQGz00UPzJr2bbAv7D_Yyg%26cry%3D1%26dbm_d%3DAKAmf-DPICXZSHOp4U2B4JuGoWMZo_AgZYyCoh6_HxwKd-qVzpF4CfmLpXNnLuecSQ2b8lrTSuc0WPHALSwXyJOcSegeDvY4yVqQpeffewYGI9oqKfvKWtgejr0J8f86P6jrmXCLg_a0LYCPu4em14c38TiyhKRD2NOVaJluX2OPqam8S9UXso66M1ii5EpjJHTiyQeNkCNm3pV8dPVfs_chDfC6XZmuQht_cjBUok3DWsRsUzHlu2INBlZR274cuziNHN0sFkyofBHU_qO5YlwjXl3QoZRrE7Fl2Yq-9J4xeCmR_pIKBClg6uiAYEgzj8cxWt_ssqd0MbYwdWv3faQ-rf3H-tt1nFtNNIFhJ6qrgZVLEDxKfVDDxDIz9gSebEnby-pPSCw3yJaVx_Q8wqIuDGpIXvoqlwILJVX0HuInZyrDbPo_hPUHlfVWX1jY_M4BObYyd5fZKMBkT0eBxHbnHunX4ampxTczQ3cr-2T8h4HXJCW5u6hhe6sy0RKyRWUkNvw_se-00cri490TG0CAw4J3zvCoiZTCxjMI5K4Qou4bQ6BNlxA%26adurl%3D
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
c2143656ff8d518def2055791169cca8d732f95d4e7f9b27322cb1f10a139662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4207
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 543A 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSTdl0hJJQ_FqwPFhGiKsfvOh3pcNoanSsXJEQmT480-zX3M8erwN0LzyA23UlZphWXuTUITLheUPF-ZmBV1N7iqW3ntoKv6fe7W9btxSJVb49OdqqMBJdVleBdU987zGEY6WEpwzM2RDpv2DqiAa42ehBMdqpadsPFlf52fR18MCKnlg&cry=1&dbm_d=AKAmf-CqMIjYsFo1BPcX2AAdwLhdEwqIu6VjDOOoZ3PDdeYNLQRHOyonAsSC5amPkvTbGX650eRmeGnmlT84-9g1L76zR8PHcqJfJQEkzV3qs8-bNYhj4_BPC3T7O8BCXPYs3_yfCICNGpztvhDfN9yHT2zgmP6VzUZEOO4w7hMIij2rxvl9q4eS0i9zdVN1zuXpFCRRY8ChZiBrOySbAcTZRBeosdyF414MB2O09KP3Z-Se6TQQZ9SYgbPNJH2Ecmwpq8djfeFp8Qt5r1Gj6FPalaKio_NiiAzdIE2ci6X2fWnv4Spi7kORVCTIYr-Zn74-uh-gg0Purgva73RMAZ2ghKhWZ4e5ktVfuGyCv0UvL0GPvPxRJEmlIYLvPlCCPNPLR3vbQG6aF9fxJd1JZBK-uzv3dDDuv6otYBWH85UW73Y_bvhhaUXFpIYJiIm-hL7_weKkm1EqBfiaE9MQxM3N47U7iEsozFsViTG-jbDxbJlH9fkmGpImkEEY7lykJrItsrDAQmaHzeUcN8AbBE1hV2WQVaat-RuqjqQZJlv-Yv7w0FKDYESwZ2wLIFG2w-TmAOvgB1L9zttn4ePaeoz9MRjMHvj7gev1uZf1xG0uUhwcLH7owS_uvlsRj7xftjtRYMQpPsGZIpOlP6AkdKY9ua7YeHvak9IEZCoFZHCB_EtKjlTv7GZ2g4EXD9kT5idrARFhTymnWqjNY1ITc4-VJU7a4Wu3pPIZ-Ir4LAjZ7mti0rLDYzgozyyYkThWOQK48FIU3axinZ-5l2hVmXqvB-O0eugZlr7f3EfwCdxehB_ENrGZnyZmifiYEYvgQ67ogvwU0PEjRaeK_5fCgs97Eda-n6nibzwajyorjhbIy9t38T3rzod51KvFUNw5XTYRj89I3enddu5LhFBcccCjcQD6stMlNfIZGh5XiI11t8w6HmpgjXyTd6DtYfTGOVkx9WkR7dKUumMcyNXowroFUHGIltWkzNZqAyewXqrFXku5fqJqQhGff-LIA_X5y8RdE0gpvqZGG33QrxcwU8U_qAYRD-DhPIS8OoOOLwFqrDv27aOSj1eyXc2E51VdxJZPMlSeYchRQ-KMqooiGAzpt8OFSR2wuYdoRIpJnKK4xk3iMnOOrRB2Rd90e0teFLh_BeobrhdazB2UHK_UyuqhHSSbnjORMxP3BMu1tVJO9iEZviDMKQgYwVff7HR6zKG0GW3tSYgTjKdalSK-IXQSYJHkQY4tkFWcFLJwIxtJodh41rSH6Bv9pZfYSNfy5b3V5H78sCOoptAMtYyBddkuA22YnTM0SfILgWIp8hu6O_iVdeueClnXJbYEbO1qQ6Pg6kNZ6h7mFYHE9O4GmX0Qk9dx-hqu3H99CWbblwPjUjQC5ZDSkVMmR95SJFc8sytcvOIknCoNvNUSpNkLMlTQbFcHJvDHScGP7S6hVg_hywaqehu9QRVvk6yHB2TLGiWotUIgqb2O-cUlPRn687xBKh59TgQRtKkVx5koN1727nMOP5q3AJcmpUxZQDwUtqvxX3YfwMr1A57Qb8eI-xjv4W_5H18PcQjlwPD19j1YQBCjbk_gxlnyQWGAb0kU48FjZ3-nvSMeaILY1Hv5jsPrEOABlDMTyhJp3VVST7Xm1AeCXy8p-Z0dwbGwf4_dOhYTUyZvKBWoxWMdHAlPzRpRM1FN8_cC8r2cqRCjkQqMkqi2At4Xh8YuipGdKsrofO4ekXMRQ1tCAvDm7p65BkghYVI4WZTgyVa7tSq8xLz56KFoAvM_NuSd6SWzvkOOMCyBJM5NX9EMLKbNgJyYiFl3KKsEpWA49wr6eRX14e7oiL0Jdlmji67U2Jjhi077kOLrK8zCJZqNM91Ajv-72xcAud-XK0OzE58rxnV8XbHpXzbwWfE1Lhj42R892wqrwZiKMi-Cht6M8b0_yOkY3dz2Y8R-3gEE6Y3QnCFgGe4zXuXKtO3RTVh6BGLf5w6LSUjiYhDuEGBWWdv0mW1ZJ4HgFgkmflGcveabyVtHE-PHVsvQFmJbfYJIIXEG8b6Jm3oR1e4euvL7Zgf38qlOlvOssETcAICUILVHHvOwqdlwp2WH6pKhzLFK8bBWqIlFya82UPLAVFb0sGdrfAnHbJ9AMpCZDlkCGgsBXPmmQ_ixOGD4fPNgKnGPpDZKn1tOecOu6wWqfB0lGmzolnifzYI8qGQYKQ-YNPZNjh5rbuRkVKgldVOnEjx7m_jwA3jPIQk4Vb8KKcbAXaHH11ZxZw95RJdcWd2W1SPo8sSyoWPI8vwZvn64D2UJn5KoX9UUwsZQ5mNX6tGSAVK2krJcGtLZm6Ko931dwaG9NlMyzUoc_R4_Vx_glEk8_B11PCN3lHOLhDpHX7OrMdEz_x7kHuhl6Gtiz-_xt5WQEuU-8cwQkSqJ-xHlc1jXYN7Jt8yEOpcgTP5248Jl0yUrNhe4agHLeETwXDqe1y0UafIJamZutgC3cTi1IhBExBVUaJ_nvBhc05a4QyMXTVdep4bUW0NuHcpYcMg4Aw0Ps2y_y3C77rmWcIsNwiJkX3uLkOzlVSQrzzl37hBXYpf6QL-K_uMdaqwQlDREo203K62yd1Ej1fR35NvWDX0KJUJP2GiwuCVij3mCKRrXpDMc0Nner7ntoAdAA8ORIbxZVTYUSvFHAh5saSOwwzVxpovgNLUlI0ZPxCsWfNFXLlnf3tiTM4NFBbU8cTStWLy_ic8RaK3HPkzflVQr6-yPpZu-NmlEHoHWgYGXKSiZJRTX_awyf5KQNwT4Nftywoghtlh2MXnSXj75DJKhvudJPFD9fViimKC3e3aMTljSGWMMKzcSSbRVgzItPXEZiocCIz6RwXmG-qaViS1mYXPbRTTrpDCgwECYPO5ZkcHUrP1fmk7YUqrpQyjm2-jwKeacZzaKJ16OtnYOVmLmDlyNAlPRCo8h9zQeWBQYPxCpqF8EJW0iv2HPq5_GOIGByDhqk7qDAEoi8ySMtu1f9H_uE_zT4ZKHnckEfSZooF1mbiB1asF2fhsP506zHWpCJ_6NR8SNz-jhytW68j9aLUNaxHJDD4bYe4PoJcCZ76Ho_ZreSiNtzEg2bUno3yhCMOkyrHfcwfRSIU-Df6fGMZiuO2Nkw-d24Syi3mJjP4P9dXW7txbVEbukNVXVD6BGFE8muq1MMar8JeALWkEGYolca_AISBURBMfBzFWTZZ0CQNyZRYtMVYOC6vEjeVA0fUbI0pnfLG6wSPS-uQdbFOCfZXCmScmj_ibeMcpCU94jqNkEKlmUARQnTwECZqnY8Iqrcc8cU1xvaFMmh0_6kKvBU3IS78md1gw8s0pTP0VlTQgC9lxBnxk6tPk30R0uYkb1VvlbtXhXSLz7g8Z5pPT74B4_UnSLIrYztafciI7dQrXYWfqFVLExnPDOjA90I0nckOdCDJ4snRgy8nVIJI1l5Up9jExXP1g44VxnlgIS8D4dvGdhrR_1nnjqeIy6bl_l7ixJ1vb_V17rvZHt0PD4rG3fq3B1TkGzyj6m9FU_s5fMXrOyvG6VQvhe2ZDMWAGEPhLMlWG34UOZjxoJ0QUhWDVPPMwrKJiYym038qdbn3A_BrFH38lB58UKgW3PbalhilMWGPvi0H-DMIYA7qL4Caoa_luqwc9zQT4D8Vcp9pA1wVMHGDWRrVDJfZGlqVWNSLA1IPOLCuug1rDFpc2hHLXduouyrgkfbC_FJpjLxZfsa9cSwkDV-G0F6SUPXdjX1rYceKiLqVEudZsvlff-i33WBFB8FeU9FM_FDDnCbVtquVCC5n0kMyclbQsnJR5s8gv5FnlXmw3HkoHtmh5VqHfB6vhHrMrgz-mT3RGKNL_gZQGKiToGh-_q6C2wxVVUQbIPG6y9MeQr5f6llo7mpYh1XQLoO1IKf-ULRH3Vkty9ov1x5m108ZE4tH8IK5aXSwhB_NvysztIPRQXlWMOBxwrRZLFyFF7l8QkgE7j&cid=CAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fchatliv.com%2F&ds=l&xdt=1&iif=1&cor=17942352128628904000&adk=2086295851&idt=114&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
63611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5NzcxNTc3NDQyNjc4NAogIHNlcnZlcl9pcDogMTM0MDYyMjIzCiAgcHJvY2Vzc19pZDogNjA0MTU2NzQ3Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 543A 		0
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5NzcxNTc3NDQyNjc4NAogIHNlcnZlcl9pcDogMTM0MDYyMjIzCiAgcHJvY2Vzc19pZDogNjA0MTU2NzQ3Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9zb2JlcmJlcmxpbi5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTc5NTU1NjE5NTc3ODgzMTMwODMKZGVidWdfa2V5OiAxNzE3MTE1MjI2MDY2MjMxMTU3NAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTAtMTkiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NTQ2NAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjE3MTg2CiAgfQp9CmFyY2hldHlwZV9pZDogMQphcmNoZXR5cGVfaWQ6IDMKYXJjaGV0eXBlX2lkOiA0CmFyY2hldHlwZV9pZDogNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vc29iZXJiZXJsaW4uY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x80f2d4a0c8c8180000000000000000","3":"0xad4de8da63d11a9d0000000000000000","4":"0xe56937d329686530000000000000000","5":"0x692ac4e699b4e9270000000000000000"},"debug_key":"17171152260662311574","debug_reporting":true,"destination":"https://soberberlin.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"17955561957788313083"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 412F 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 09:45:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 11:42:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EF79 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNW4WehzPgJEf1f1PDNKG5PWOXohaxeKQN801KaYCApOu2Uhu9xf1vz5E-uZFRKeFNLz9bH6IZ0iL0vBMPXp2hbDm3ZBrfzxu9_SnkPswhfnqc6n-aiu2AsgwapvQstj1yZZ9iGPs5kzAAR-QPSuMIlAbFMvDZnRiYP2V9FvGdtmLIiF97rj5Y_iRF2eyhflVCcz7BZ4IaVuvi7PdUHycPaJFbM_9A
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A085 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame A085 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:02:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
6018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:02:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame A085 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
47257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:35:17 GMT
l
www.google.com/ads/measurement/ Frame A085 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgzoIAZ9o6e3Ii6npueZScBqEkHwNax3QtDv3elQP6eAj1Sbf-r4n92lr6mer91czqep4pSk1HCRYqUqjuAH14WG6q-A
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A085 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 11:42:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A085 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CtMPPwHyff0cM0vGp_WyeDjVSqw1gu0svLMHJdMvPojSB8jRGhspSV5d2ySVXGzQ6lp0mkFtO810fToHNl3hVDrOAX07tnJQhXVhMSc4Yeg9VPvL0
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A085 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17881515775930176136&x=1&ct=76
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 412F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
46185
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8568
x-xss-protection
0
server
cafe
etag
3657364187347500438
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:53:09 GMT
rs
ad4m.at/ Frame 8964 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf34ddbe76a040035399fa7bfda8b8929b83455b314325dc98f1a9fbaab0f3f1

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7f%2Fxee1BOmEMo7UfPm9AaBmZDpbQKgdR9XHWNkIMUKptJEllID8COoggysyG6JjoLr3s7Iz2p47Imm0Ltx3PhJBABB%2FLWdYfTFChFcOBYBTe70RvqZLhlZp7u53a5hwcbVu7LQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8188c2a75c589b52-FRA
x-backend-server
aa-reachservice-group-europe-west1-sgsc
alt-svc
h3=":443"; ma=86400
dw2f2jftxlut
hal9000.redintelligence.net/zone/ Frame 543A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/dw2f2jftxlut?subid=&gdpr=&gdpr_consent=&rnd=1697715773918717&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_Z9EPRYxZb2JONSG7_UP28G5-Amm5b2gac2RnKfJD_AuEAEglZvKIWCVgoCAlAfIAQmpAgcdnBngq7E-qAMByAObBKoEjgJP0CgyFt6GLukGCN11Lu9pcYdA5EW7LtfWgNy7XkaT9Y-6Vt5aoIlb8ehLCnFta_pmzMeBpLM7tFoBtR4RZQWFtAsBwCYG8JaV0kCPM7RFoNnl32DajIuXXnpFydFTinefkTyxRcBanwCk2Z3W-q7OayD1LRRLdeXqxOteWgTLkGTz7CAK5cxgzylexewCeVKmtzCkHR0wNB79dQM3KptlPhazLg7LwUtcAOCXImP1eLEhOzgZdBasqhuRHip746ipbl0pU48cx5pzNsMFvEAa_6kV-DxArg3ByermS2DUWLYJxApYEyXpMemMsd5A3HltJOhkzFKBVuVfw3oFKP3g74P5AxKhFZb-qLbs4wTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc3OTA3ODM2NDQ4MzU3NjCACgOYCwHICwGADAGqDQJEReINEwifqoeNhIKCAxVUw7sIHdtgDp-wE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE%26sig%3DAOD64_17NpJw0z9nNEMZo8FfHDwfY3hncw%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CPL2q-3J4hIHZPQ3t779vh_sIJ3OktdnMir2FB3StSIzyJ3Rem9lBe3V-psh6PftY-PrBQAThR1ycj0GnqX6Rtvx3NSy7RUTnABqXbbkzOF5qCPFIsLoEtEA8NbXblrgYGxDRXp-bBLagiclatQzb7TkH3pWcZ9kFO7-W4Kn__1-Z9aaw%26cry%3D1%26dbm_d%3DAKAmf-B80r9LewD6j4if3kMBQBkTtn_TlRHJ-SQgM26_o9AMi7zt4JdBBR7hc1b8UpdI2B98S6XcN_wCnpet48A30CcvkKbjZCJbqP3TlYJxgjg2QLeMwIjVKJk4GnTnxpU-I2QVWCqDrxzFPgo0AGc1toBvMMZ5tlDtqR94CVOgHE2In8eX3ly6Y_5i6Y64e9jnjeQM29D7RbgUFRZvlCRkFWW2Mm5jxacOyJXbF2MAOc6eWlWnGOFInWvbK8fhyvsoYMHDiqCdnOpyI4rueW1A9i557az_C1QODWryTKVxYCNjpv8_lKlYa3Orp8xzitVtgUbCy3Xi2jD7mcNrWD_oXutTU8N7NQcA8ONhq3wdQ2cCEz9LKeaJahycUe2pAKu8P8LAozJqInRzpZoeaQqKOFMEz80XjuUQu1wUc8ph4rzejg5ACok60K2lwGb9tB-7foJnX51-Xi6ljH4LQwRfXn3NpW5a3QNdvk9VcK8bc9M9iGfEPwTomTJ_nF4kvJgiJCDhAncxrSteCKAVFEhnrKFYCbG3l9KSlSvVAnnEPz5Zm324Wbw%26adurl%3D
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
73bd736711c3d412b0dad0b87eafb856d1314f544a407b92c7fc91a0f423d5a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4215
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8188c2a70be69b52-FRA
content-length
24
content-type
text/plain
date
Thu, 19 Oct 2023 11:42:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66vs%2BBlBqabfBh6dnAJIWoGmS23F2y2bD5hfl8YZ9v4MpaTygh9OlAVI7TiDt5mCNg6IAeKQfoC1QmPYJF9RKqoB2yRb7R8hv%2By53UQf66OEmDTp3JppQJgpBvJminXMtcof6OY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-sgsc
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5D70 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
597202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 13:49:32 GMT
expires
Fri, 11 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal90005.redintelligence.net/ Frame B40C
Redirect Chain
  • https://hal90005.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90005.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPwjMPRYxZZvNNZGdlQf6sJfQB6blvaBpzZGcp8kP8C4QASCVm8ohYJWCgICUB8gBCakCBx2cGeCrsT6oAwHIA5sEqgSOAk_QREurRDg3bnVPmAn1FTiROLJDXPAMK3jb9QCqjg9VwF39dI5kmT2M1miMEltwkFrPmdL1UxHnv_Z1VFz1cuqI9ARd45nB5EULwHM3424NtmpIs9epNYFag5N3chiky3fp9khY1EK8c6MO0xCpJ5GukalcoceHity-VBENhD5SLThwWvyZNAGa_QfPrQ3cqC7e054qw8tEkbpBH5Cd8rYXJI_NIzn_oJV1HW30yRcVRAOZK9oSfdiRzxd_5E92JNoNgHRwBkbc89eZ4Y3fyRZHf4cCVIh9qaiQthzCfR0ythvdvYJiMDjCel83-bA7DXORraY6dEpevVnNIwSqrU1rEqIWtfehaQ1gr7guisAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzc5MDc4MzY0NDgzNTc2MIAKA5gLAcgLAYAMAaoNAkRF4g0TCJq4hY2EgoIDFZFO5QodetgFerATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE%26sig%3DAOD64_2khui6y5WEEezcKL5I-fp_wmsWQg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A8pN2UtWAwMsXx46lRO0Z5IyABFTr2bCZ_S7xqmcwtpYJmai3HMb_a1IpiGOKFFyvVDb_WNVLnKReTWSf0DJee_dWBpwa43Nrhz3pASd6jsENEwEL1cnKVMYABxkL0wlhGsTxyiKQ5NDcEEavXMEwCuiP6EmQGz00UPzJr2bbAv7D_Yyg%26cry%3D1%26dbm_d%3DAKAmf-DPICXZSHOp4U2B4JuGoWMZo_AgZYyCoh6_HxwKd-qVzpF4CfmLpXNnLuecSQ2b8lrTSuc0WPHALSwXyJOcSegeDvY4yVqQpeffewYGI9oqKfvKWtgejr0J8f86P6jrmXCLg_a0LYCPu4em14c38TiyhKRD2NOVaJluX2OPqam8S9UXso66M1ii5EpjJHTiyQeNkCNm3pV8dPVfs_chDfC6XZmuQht_cjBUok3DWsRsUzHlu2INBlZR274cuziNHN0sFkyofBHU_qO5YlwjXl3QoZRrE7Fl2Yq-9J4xeCmR_pIKBClg6uiAYEgzj8cxWt_ssqd0MbYwdWv3faQ-rf3H-tt1nFtNNIFhJ6qrgZVLEDxKfVDDxDIz9gSebEnby-pPSCw3yJaVx_Q8wqIuDGpIXvoqlwILJVX0HuInZyrDbPo_hPUHlfVWX1jY_M4BObYyd5fZKMBkT0eBxHbnHunX4ampxTczQ3cr-2T8h4HXJCW5u6hhe6sy0RKyRWUkNvw_se-00cri490TG0CAw4J3zvCoiZTCxjMI5K4Qou4bQ6BNlxA%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=6910047604267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
46406259675de469e6247f61ccbad0cc7aa01113e4ed20dd590036fe4110d3d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 11:42:54 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
53971600077471404445004012482005
Connection
close
Content-Length
1394
Expires
Thu, 19 Oct 2023 12:42:54 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 11:42:54 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPwjMPRYxZZvNNZGdlQf6sJfQB6blvaBpzZGcp8kP8C4QASCVm8ohYJWCgICUB8gBCakCBx2cGeCrsT6oAwHIA5sEqgSOAk_QREurRDg3bnVPmAn1FTiROLJDXPAMK3jb9QCqjg9VwF39dI5kmT2M1miMEltwkFrPmdL1UxHnv_Z1VFz1cuqI9ARd45nB5EULwHM3424NtmpIs9epNYFag5N3chiky3fp9khY1EK8c6MO0xCpJ5GukalcoceHity-VBENhD5SLThwWvyZNAGa_QfPrQ3cqC7e054qw8tEkbpBH5Cd8rYXJI_NIzn_oJV1HW30yRcVRAOZK9oSfdiRzxd_5E92JNoNgHRwBkbc89eZ4Y3fyRZHf4cCVIh9qaiQthzCfR0ythvdvYJiMDjCel83-bA7DXORraY6dEpevVnNIwSqrU1rEqIWtfehaQ1gr7guisAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzc5MDc4MzY0NDgzNTc2MIAKA5gLAcgLAYAMAaoNAkRF4g0TCJq4hY2EgoIDFZFO5QodetgFerATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE%26sig%3DAOD64_2khui6y5WEEezcKL5I-fp_wmsWQg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A8pN2UtWAwMsXx46lRO0Z5IyABFTr2bCZ_S7xqmcwtpYJmai3HMb_a1IpiGOKFFyvVDb_WNVLnKReTWSf0DJee_dWBpwa43Nrhz3pASd6jsENEwEL1cnKVMYABxkL0wlhGsTxyiKQ5NDcEEavXMEwCuiP6EmQGz00UPzJr2bbAv7D_Yyg%26cry%3D1%26dbm_d%3DAKAmf-DPICXZSHOp4U2B4JuGoWMZo_AgZYyCoh6_HxwKd-qVzpF4CfmLpXNnLuecSQ2b8lrTSuc0WPHALSwXyJOcSegeDvY4yVqQpeffewYGI9oqKfvKWtgejr0J8f86P6jrmXCLg_a0LYCPu4em14c38TiyhKRD2NOVaJluX2OPqam8S9UXso66M1ii5EpjJHTiyQeNkCNm3pV8dPVfs_chDfC6XZmuQht_cjBUok3DWsRsUzHlu2INBlZR274cuziNHN0sFkyofBHU_qO5YlwjXl3QoZRrE7Fl2Yq-9J4xeCmR_pIKBClg6uiAYEgzj8cxWt_ssqd0MbYwdWv3faQ-rf3H-tt1nFtNNIFhJ6qrgZVLEDxKfVDDxDIz9gSebEnby-pPSCw3yJaVx_Q8wqIuDGpIXvoqlwILJVX0HuInZyrDbPo_hPUHlfVWX1jY_M4BObYyd5fZKMBkT0eBxHbnHunX4ampxTczQ3cr-2T8h4HXJCW5u6hhe6sy0RKyRWUkNvw_se-00cri490TG0CAw4J3zvCoiZTCxjMI5K4Qou4bQ6BNlxA%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=6910047604267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 19 Oct 2023 12:42:54 +0200
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6CAB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
597202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 13:49:32 GMT
expires
Fri, 11 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
partner
sync.search.spotxchange.com/ Frame EF79
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOZZZTJ0Nxp0LgZlzc99evc&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame EF79 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame EF79 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNW4WehzPgJEf1f1PDNKG5PWOXohaxeKQN801KaYCApOu2Uhu9xf1vz5E-uZFRKeFNLz9bH6IZ0iL0vBMPXp2hbDm3ZBrfzxu9_SnkPswhfnqc6n-aiu2AsgwapvQstj1yZZ9iGPs5kzAAR-QPSuMIlAbFMvDZnRiYP2V9FvGdtmLIiF97rj5Y_iRF2eyhflVCcz7BZ4IaVuvi7PdUHycPaJFbM_9A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
request.php
hal900024.redintelligence.net/ Frame 543A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=1ce5f3db5b&subid=&uid=0564f0489885eeae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_Z9EPRYxZb2JONSG7_UP28G5-Amm5b2gac2RnKfJD_AuEAEglZvKIWCVgoCAlAfIAQmpAgcdnBngq7E-qAMByAObBKoEjgJP0CgyFt6GLukGCN11Lu9pcYdA5EW7LtfWgNy7XkaT9Y-6Vt5aoIlb8ehLCnFta_pmzMeBpLM7tFoBtR4RZQWFtAsBwCYG8JaV0kCPM7RFoNnl32DajIuXXnpFydFTinefkTyxRcBanwCk2Z3W-q7OayD1LRRLdeXqxOteWgTLkGTz7CAK5cxgzylexewCeVKmtzCkHR0wNB79dQM3KptlPhazLg7LwUtcAOCXImP1eLEhOzgZdBasqhuRHip746ipbl0pU48cx5pzNsMFvEAa_6kV-DxArg3ByermS2DUWLYJxApYEyXpMemMsd5A3HltJOhkzFKBVuVfw3oFKP3g74P5AxKhFZb-qLbs4wTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc3OTA3ODM2NDQ4MzU3NjCACgOYCwHICwGADAGqDQJEReINEwifqoeNhIKCAxVUw7sIHdtgDp-wE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE%26sig%3DAOD64_17NpJw0z9nNEMZo8FfHDwfY3hncw%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CPL2q-3J4hIHZPQ3t779vh_sIJ3OktdnMir2FB3StSIzyJ3Rem9lBe3V-psh6PftY-PrBQAThR1ycj0GnqX6Rtvx3NSy7RUTnABqXbbkzOF5qCPFIsLoEtEA8NbXblrgYGxDRXp-bBLagiclatQzb7TkH3pWcZ9kFO7-W4Kn__1-Z9aaw%26cry%3D1%26dbm_d%3DAKAmf-B80r9LewD6j4if3kMBQBkTtn_TlRHJ-SQgM26_o9AMi7zt4JdBBR7hc1b8UpdI2B98S6XcN_wCnpet48A30CcvkKbjZCJbqP3TlYJxgjg2QLeMwIjVKJk4GnTnxpU-I2QVWCqDrxzFPgo0AGc1toBvMMZ5tlDtqR94CVOgHE2In8eX3ly6Y_5i6Y64e9jnjeQM29D7RbgUFRZvlCRkFWW2Mm5jxacOyJXbF2MAOc6eWlWnGOFInWvbK8fhyvsoYMHDiqCdnOpyI4rueW1A9i557az_C1QODWryTKVxYCNjpv8_lKlYa3Orp8xzitVtgUbCy3Xi2jD7mcNrWD_oXutTU8N7NQcA8ONhq3wdQ2cCEz9LKeaJahycUe2pAKu8P8LAozJqInRzpZoeaQqKOFMEz80XjuUQu1wUc8ph4rzejg5ACok60K2lwGb9tB-7foJnX51-Xi6ljH4LQwRfXn3NpW5a3QNdvk9VcK8bc9M9iGfEPwTomTJ_nF4kvJgiJCDhAncxrSteCKAVFEhnrKFYCbG3l9KSlSvVAnnEPz5Zm324Wbw%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=2796280443798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/dw2f2jftxlut?subid=&gdpr=&gdpr_consent=&rnd=1697715773918717&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_Z9EPRYxZb2JONSG7_UP28G5-Amm5b2gac2RnKfJD_AuEAEglZvKIWCVgoCAlAfIAQmpAgcdnBngq7E-qAMByAObBKoEjgJP0CgyFt6GLukGCN11Lu9pcYdA5EW7LtfWgNy7XkaT9Y-6Vt5aoIlb8ehLCnFta_pmzMeBpLM7tFoBtR4RZQWFtAsBwCYG8JaV0kCPM7RFoNnl32DajIuXXnpFydFTinefkTyxRcBanwCk2Z3W-q7OayD1LRRLdeXqxOteWgTLkGTz7CAK5cxgzylexewCeVKmtzCkHR0wNB79dQM3KptlPhazLg7LwUtcAOCXImP1eLEhOzgZdBasqhuRHip746ipbl0pU48cx5pzNsMFvEAa_6kV-DxArg3ByermS2DUWLYJxApYEyXpMemMsd5A3HltJOhkzFKBVuVfw3oFKP3g74P5AxKhFZb-qLbs4wTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc3OTA3ODM2NDQ4MzU3NjCACgOYCwHICwGADAGqDQJEReINEwifqoeNhIKCAxVUw7sIHdtgDp-wE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE%26sig%3DAOD64_17NpJw0z9nNEMZo8FfHDwfY3hncw%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CPL2q-3J4hIHZPQ3t779vh_sIJ3OktdnMir2FB3StSIzyJ3Rem9lBe3V-psh6PftY-PrBQAThR1ycj0GnqX6Rtvx3NSy7RUTnABqXbbkzOF5qCPFIsLoEtEA8NbXblrgYGxDRXp-bBLagiclatQzb7TkH3pWcZ9kFO7-W4Kn__1-Z9aaw%26cry%3D1%26dbm_d%3DAKAmf-B80r9LewD6j4if3kMBQBkTtn_TlRHJ-SQgM26_o9AMi7zt4JdBBR7hc1b8UpdI2B98S6XcN_wCnpet48A30CcvkKbjZCJbqP3TlYJxgjg2QLeMwIjVKJk4GnTnxpU-I2QVWCqDrxzFPgo0AGc1toBvMMZ5tlDtqR94CVOgHE2In8eX3ly6Y_5i6Y64e9jnjeQM29D7RbgUFRZvlCRkFWW2Mm5jxacOyJXbF2MAOc6eWlWnGOFInWvbK8fhyvsoYMHDiqCdnOpyI4rueW1A9i557az_C1QODWryTKVxYCNjpv8_lKlYa3Orp8xzitVtgUbCy3Xi2jD7mcNrWD_oXutTU8N7NQcA8ONhq3wdQ2cCEz9LKeaJahycUe2pAKu8P8LAozJqInRzpZoeaQqKOFMEz80XjuUQu1wUc8ph4rzejg5ACok60K2lwGb9tB-7foJnX51-Xi6ljH4LQwRfXn3NpW5a3QNdvk9VcK8bc9M9iGfEPwTomTJ_nF4kvJgiJCDhAncxrSteCKAVFEhnrKFYCbG3l9KSlSvVAnnEPz5Zm324Wbw%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e4d79b956a1550d1ec1e4eed8a59841476b4162921a1a62e309c674d4a66bd25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 11:42:54 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
71658000069294604445004012482024
Connection
close
Content-Length
1426
Expires
Thu, 19 Oct 2023 12:42:54 +0200
e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
pagead2.googlesyndication.com/bg/ Frame 5D70 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
49528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 21:57:26 GMT
e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
pagead2.googlesyndication.com/bg/ Frame 6CAB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
49528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 21:57:26 GMT
rar
as.ad4m.at/ad/ Frame 9F6B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99468f5152d5cd25d574ce20bdd7c23db474de1f6b6f6bdf556dad46c5bc18c4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kswj7s7m0r9a2d4hft593egnpay4wpvv19we8y94ek7h1cv1d6mbjd85bvwzn59s8cergcar2dt23xfprbbbywq8j8fwh7sb6r3j9nne520hjwwbyphk5c4way7epyqzyh31cpygs6tewmxt11g0regaf7ezhz9hkte8fdk3a9tt8vbhhj8vc6m7n1mjtwnww87qrm9605tzqrcn7bsegs5ered7ap8d9vfssjhj5nd8mr1yrah9zr7kn0qg1z2v87zfqctnkzdyr9ax2ca8zeqyn5xqq3cawxmrmtnvkskt9wnxt1cjxpn8n7xazpcjsb82n93h11t7w7fgas56maq5h347d43wj5gjvh9wv50vzrpphvjz11mce3zyk76bnfnaqcb7f9fqnwbv3xv92msyjm4ynvesca67vv5eqy3y39jxejva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%26client%3Dca-pub-0352306366460691%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8188c2a79d4039e5-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:54 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 9F6B 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537335
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2Oixh%2F5MPFnNHDjrPv%2FXZ6AzA5SKS7D3KG6bQAFV%2BxfOPJB6gTugCxlBPYX6KlkSDyAJhK1R4IdNsAmugfwT7sc1MQglKKNhzmBrj5AHxqiW843fwRYAmB7k2u38o1ya%2FO3sbTUfJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=3600
cf-ray
8188c2a7ed7839e5-FRA
expires
Thu, 19 Oct 2023 12:42:54 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 9F6B 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59287
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400
content-length
44710
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 15:49:04 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAQfV8ymaW2qddIA6dsXbIZ5AkPXpA7OF23krOduTqBTHqpn8bAE9kJ9eeMg7RqcZeotN9j4%2FXORDmOwROR%2Faghwl%2BZP2Tp%2F0NoNnxxK3SCYMEhal5orelEAGCJcYpnCIIJQPkx4i3rLPcTN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8188c2a7fd8f90d7-FRA
809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 9F6B 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5511fc0a41b649423fbfa7a2738fb9fc47c5fd4669ccc5fd14186069db3295e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20829
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
156513
cf-bgj
imgq:100,h2pri
last-modified
Thu, 19 Oct 2023 05:55:14 GMT
server
cloudflare
etag
"eae3b251b1fdff23215fbbe825ac0889"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9%2FA%2BvNK%2BYEEgho1ecgXTo3Npnp0rijvbl3ysZtj1apSn3h23eEk9wd%2FyqVp7FdxlW0zDZmUAyF46TRDwF3DaRJBK4HebzGiYbeaQEaCPuiLVQa6hVusM09TQcBqqUdhTYASvZd8jf3e36p3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8188c2a7fd9090d7-FRA
ztpv.php
www.conrad.de/ Frame 9F6B
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1697715774_a4677791-6e74-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=
0
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1697715774_a4677791-6e74-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
8188c2a96bb29054-FRA
content-length
0
expires
-1

Redirect headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1697715774_a4677791-6e74-11ee-8084-22395667df75&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9F6B 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59295
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54554
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 15:36:53 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umnJOGk%2FjBrjXcQw981Us9A3XhjQ2PXtHO%2FBipf7i1NPZeG0AJeGP6k4j6chqlE40CBFqwC2nNNvBzKpxMsNotDZa7ZpcWCjPLBNdm3RqyD%2FdQXlXJ1jkFZoe3dkY4PT%2BaSOTkxDGeQVe3is"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8188c2a81daa90d7-FRA
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 9F6B 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3b8d497a37a08513b7a3069ca43ad12755983eda42c4bc34364c74337f6287

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537335
cf-polished
origSize=132437
alt-svc
h3=":443"; ma=86400
content-length
124245
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 17:19:17 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrhRkCjy0Pccn1wf8Z1n4HztdCkDwY6tTRem8g7P5W4MQFeSovwyqQk1wx8ck5YZQ3MSkavJw3MG%2FPSCYG4upp8pKF4j2Avf37G%2FhQc8Cs1S1K%2FqPAXcr%2BoJSa%2Bziro2DAtC726gNOQneDKk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8188c2a81dad90d7-FRA
/
partner.o2online.de/a/ Frame 9F6B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNaGu42EgoIDFdvLEQgdUvYA5Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101913425489824668815X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101913425489824668815X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023101913425489824668815X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101913425489824668815X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023101913425489824668815X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 9F6B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61557
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400
content-length
9258
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 15:37:50 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAFTNKrRi2R%2BFQEYXBXmimuY0FuleqjPHCuEkkyUPGbgVfm81ImbUOhcIUh9n9I4%2B95Yeu80ottILtCZiIIgfQVeoiH79N%2Fvk6xxrDN2N9GmOFQ%2F6jM0F0lHSoJ1ZCyQ4ZeJYKftuPjXps4J"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8188c2a81dae90d7-FRA
BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
assets.ad4m.at/ Frame 9F6B 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b27d3253f5f1cc45f8d09c13323b6d70e9a75f50419bf0d3eb7d5413828d037

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537336
cf-polished
origSize=123474
alt-svc
h3=":443"; ma=86400
content-length
98846
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Oct 2023 14:47:35 GMT
server
cloudflare
etag
"b2c66965c0cae09bbfaa712aade417a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52Fo6KlhvskhbrvrHd%2FserxNj40lYkAouLuKBJltlSajvsLO0LbPFvSgjUxbtOJI%2BmuhVVlTuoTMKBauTlMUA0G6z0yTPK6k5Rnp1SYE8K%2B3mGZfvIaLg7gtumKciJEXzg45trCyJzBJmIt2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8188c2a81db190d7-FRA
/
partner.blau.de/a/ Frame 9F6B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKmIu42EgoIDFczAuwgd_pMNwQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023101913425489824668817X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Net...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023101913425489824668817X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=563262449a8ed8ec1b78f0507f2e5752%2F13099953830593585947&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697715774613&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy9y6n60hkqaq1bb3p6ebzd77ntr3frh7bcxfe5m7nhmff83s9n3yx37kme7yec4qsjwn36nv540v8nzfxnqedw8vhejz98bmxb5pg2gbdzfh30zzfmnnj17e1a3skpwjnnbsptkj3ttxd2qprpqp2mtpn47hpmy241q5ekm0k8bpv92t0ex66akkf8k26833x9tmft0d06yrn2bh7j4bngvtc68vbcwh2vg9fkxkkp05hmhw1zj0eddck3cjbx7pd4d101wmbxnawr17t0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCPFwfPRYxZbShGe6X_tMP_ouR2AeQ4YGEXLaoworwAsCNtwEQASAAYJXikYKgB4IBF2NhLXB1Yi0wMzUyMzA2MzY2NDYwNjkxyAEJqQIHHZwZ4KuxPqgDAcgDAqoE5gFP0PTiq2aReptZU5jzHaopJXPFQ7hGVqaPLXj13lf9Y-3FYid7_y7Gh8xmMCCbYWMHixBdUzDNK5EIIu9Jgy0RadXysHLenmUaMr6wxru_2iSuWI5xyk0KhDFstW98iZc1nP5uQnYKE1D4NdD315aMlyqlLJHmhsHp_NZH_WrDhGLEHY-2fgmSpx2HFLatIH4gW8CPEG5JcgHTK-4FxGBrgK8bMKyG2Xf_KXmuwdmEY3aTiw3pvNps8pzEwkSdgy_NY3FbBEiQq-3pw_W_Hi_nRKO2IhpgJdXa_oIW_GkwV_XN4lrLIYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RZK1tmrm7umTJUy_SawKUc6TgfA%2526client%253Dca-pub-0352306366460691%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023101913425489824668817X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame A085 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=529940404343&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A085 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=529940404343&version=m202309260101&ct=76&x=1&cor=17881515775930175000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A085 		112 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvIdYpgxfGOmc9--4z4TfRp6nuBtr5jelTnZBraZgmiGnwdxZZXIuPtv2vOZ0gf6yMfvLOaCTSCClfp_PwUEA24IcUtheig11g2PycCqITcY5TN9Q10ekY4Nv5D0WRim-5b_Tekon0XY-4WnBGI7GRmryyTc75Kjl8l0jU6Nn6-uYQHeM&dbm_d=AKAmf-DTVrI1ZdTcEVEeJ0tTEdSL1aDJFvWtNs1UxrSd6fh1uihcVbxeMaHY-sjZ2uRCCanbOOSL8MQl5HehgHUSv7G_NlZWbwwGOyeYSm6eMktOvHEvGyDMcefQKVLnxC1Rylhw33rtmfcBNXnHXc2DNzGAlmS1BLqh_KGcfWksFaC1aCXzL4NwH13GGp48b9bXNzg8Ljx_OId_triK8HEFUVADfv9vxQP1bcTn5Je0-Uf33wC6gE3ORCTD-lp0Ef-2_ZQJxvgynG_snXOaHeQF2OtdWeOYXTpszN_UJgxnYNnxT4FhcCDc-smw25fTpQl_pOnm4M5mwGw5Ob5FY5W-Oi2JWxo2ALSI4UeWfC2JZPkF8k-jDPSHKLY1J-pON10JTv64wiVtQCKj0F3dVpi5JgY0Pcl3tIhl98YJX8nVmTsYiZxf48K8X9QEUJKkRjwDIuksjVogSl6AWcWyxwRBZytnaIBkYs_ScnQKsvh3HQkG3jDLfK_E9ciGnv6fX5jMdCmC5z-xc-qc_fX_e1g7U-b_4KvSfhslVssgNmxAxhuyFIuu252iJTQDZOxgUsOlu2TspEr3ZabsqD6kyaSjiEikBdYSNhfV0-cfqjn_FEUKEwTCjKHT4RoSQbRu9MEYS-07lUn1BOAw1_Z5Avqx_Val7Fy6LMA_itaKKOA4ftNEgNo3Y1n-J61U9tVznZax9cZcFuEpbTJvQo-IEErQvIuosdAgyn5RUZm04IHNzBmLv5F0H0QlfcgntJEHXAA4I5HSb512m8Bt6gnz-dr2HSq6sh1pPsekfC7zT6CmouXpbYUeChr6CMbELMMy2A0SgRj8kf5M2uUmPipxoNzeqlxXeyjxZlMHIaaSIi19_3W4AlbMEjZeE9MCI1UfXFjb5kPtCN0gE5Z8005K7yEzjMpfDOg2mx60pKqFaRGKQfGGgrWk09ui09QANT1hEXq_zceik8fm-4jpjxKMh_tbE70wKFnQ9Oo3IpLguRWCXObsksFJCSmFhKyqg3vr_gYc-sLKgdbF4rwXWW2473o2gRKQIqtviVcTSyybkj-QorGABHVn7l40KVHFT5B-MGDYJ6hLabEaXmO8MpRWxVtDJ4xLFrgbDtS2gzDdHPe6HEIeyWS1KLUSdT2b5dpFXsH7XxSubVPq56DTGRXDP8YTnNZxSYo9VovNtTQKQHF7d868ZzUaAltP0mJh7FkdeJr-Sw2E9Ti8P6YH4hNsdnMXOt2zBzeVgT4WDTHggAKU1uOCxqTTi7IGgpj3VnlvWk7FRefCkvNiatl1QBo0Um2WTuWV3F88vbsc2pcTwMiqJRKp5qXvM6UsUxamyF-G3rn5I3C5_ltkOpB-P0M8tNiWgadjCT2_gA-6ia-aamJEG3o1cyVbD--0plbNAGl9lr5LDasSRiQ6YEvzjSOvDm6ytxDaKo6D3WkeN8YYz4_eiPN4_wZ_9KsPELQfxZ74ieYosxdm9DVw9dI-aI_b1esURqN-yO12xLIdN4lqN0L_Ngb8P0SULzFKVIKO4lHL2gOttt5KrIIMaKk93Id7k57i87LMVMqYH_20VrU6-GoFb3MJyXfA2EVTbiOffZRAL95IxBpBdV7X_P6WYEm0IEL7FvY8NFJrpeEzLGrMl23pYM7wqJSq_4E9DuLdOGRZtgp9PFGbfGcGT77KmETXcTe_utcUrEzyhbqhaZURBYlhcFX9yEphTGyDEG0noZyhnqiQO7iBrodF-VtQsQLTSQ_bzHs9sW8ZzB4qPiRUfcUEvjAc3M6OfgupAow-qUgz7a0b82IwFYemktcjXmmdMeYXitPbbprKEHX_IedOLiiVhC5XE1GUKg2awKdZ-KCOJNNcehHG08dwfLcnhNaeRl25cdaV6TOlaTKwYJE9XoyRi9KWpqaAmGJ1CCFH8_9BCZJGmIgynTNnAs5zOz8D9bpau3jbuFtMOgEO0EMUL7fAJvFPGfn4gPO8U5w15o44ItuzrseqZfyHz-5QtBdoytA2vlItgwP4cR60PT7ddeteGFVCkAjhPtYDqn6QLjCEvaK9Xee4cCOkx8kaUvJ9_Pf2NknyybMvHVzMF9cqA7TwGSF1YGr0YWZD2DdOvyiZYirbIgvYbQLUMZ-ntRWJdJJm91Ne79aFZfqMsTqF2FhDuj_VAT1QHokkhB9EeXVczpdxByIYWTrZuEpx-kUkMP-17lrriTnLuC1C9fJHN4VV9ixDh6nizOeHFKN8K9ZDxq4KPcopU8dmlWAQ2H8OmpDvOZUd_Z33ollSRAXRcwzOKWvLNODSDxj0XUnOe95BF7H1RmEkIt4K2GdRXB63sMGABpphLXqo_FCzGfZs5z5P_sjppNiIqrBstRvI-t1cHiVd0g9Z80aACcZgFXtzAO9CbG4vvIM4l0kRPfPF9A2kYE9r6LCyAendD-058vBuQwD-cklJXpn-8wZFNCwV4_IYooOYc5gZCvvd6UCuZhhxcfthtCO3g-NhcuNhZ4cIorZyAzp-D8wf4gTwm1MD95fHy7T2Y9eEgw1iB1CaYhACJs3P1ZTvlCIy1ATuKDn_r53_1_8tba8wsxkrAmqEuE2Z9Dv6WEgjBfStd_bHYaReUfCuhS0BYNkUcIppRbjL1CP0J9Qndq0_cEteoKLBFPkBGk1mCn5iAIc6bj2MYzlew8g8GxFEZ91LFwTxUCAG2VGpmxkJlEg-eWrSaZN7t4T7I4EPFd0_fEBv7hXJQ-7mszWTEY6eNgNBNqQbgEA7eSkEDq1WERqGeRkF12M6tpITJCJD0RKFN0LGPJnUmFzFk7ql8yO46dq6isotNSyidU3uf4Y2dhB4MastAOuBoY77dbWEx-kYD6z7JjRsfxRWbIof2pq1KZvB3cJMtFHuz-4HPDN8zxbHqq5qFAmWoUCnWUWWSQjasKMh-RQWf1rzBNKEs2X0XqF4gs2ogz_T5jgBLP4Zm1e4yuesRTgMKPTs2aqNR0AzXxXgFM-KSXFO04eTern9d1ndlVyMlLJ1wvfQ9RHxuH8Rew-bzjjjHoTVyVSL2ZxLwDwHGbrk1cW-Tu7Fopk0YEhJOP7VSs_kVxeELG6JR-o_ruSYPEPRCROKVzOV6yH-f8Kq_XhJINOyKp9XdjU1UivNLxE2g3WE3MTeiWG-Afof2ztw1AbjCzAyIrEsbkuhoWY1iE7gvuUIh7PIuEHEVGB8a3DkURR4qQ09_h3P4Y9FRI8rWhD7V0IqwDbCwkSb4sF8HsRT2LD0bc2uMxzoPqQAjpJd4Tt9OvN8PLCBt8vjwL6btYEqlg883IkB8ON9bG4vkwDv0oaxD7kUMRj9I50ZNFczBWFIVhiiXp57fFsRYw_w4vjhQWnhrk1H36eK-WjnTLCpm2n1YzFBw0EMPCI3638vhcmQx6QAubyjtIwfyeSgUH-2I2n_n1GnekNisFrWOeRgxmW3sgk1bTsppWuJVacKpx1YHPREnozt9G_azWDtj_XWZnexRnoNAIdCZePATomR6SfXrttsG2Su0OzZhY_x3zsQ6vXDC4iGQl2bbzs22lCcBKK_cYX_z9laPFqjo4pn6WZB1_DmSnCPScWyuHVrBEGerIzdndxtuXwsibAIbagJMAV7TWiwNEd2zjlYTnoxBCBYMs9QgaiOwGK3XgzEclJYgnP8wNcF4gxSGI9Tm2hcJFhWsymfeHCHbnhWaTS2Qtqm2JYC4ORYZ3XoReWliHxzjBNpiaNpf_xvM5EBW_NucQDB-dZA8u7SyoRf33Q8OBgduy6trgxaTBHsG-UfLGjLAwk0ODj1iwrZ0EGdQQhw267iexdWvUKM0WTu5HDNz4cVk1llb58uWIwBYo_r1zRlwCYnVqcndmgJxN48SrV0D1C3DHU_Xed7qw&cid=CAQSPADICaaN0UTJ9tGsOfpah6rwgm3vkdz-sYZSsiSoFl4jP9-K7xJ9Hva-41Mw0vStEEiX7RUTD5ZqRId-lRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fchatliv.com%2F&ds=l&xdt=1&iif=1&cor=17881515775930175000&adk=2988274607&idt=165&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5c1731db6056702fac9554c8a4c7d2815fbe7fe2dcc3a525bad04221df067dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43132
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htlp
futalis.de/ Frame 0CAA
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=53971600077471404445004012482005&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748772
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748772
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPwjMPRYxZZvNNZGdlQf6sJfQB6blvaBpzZGcp8kP8C4QASCVm8ohYJWCgICUB8gBCakCBx2cGeCrsT6oAwHIA5sEqgSOAk_QREurRDg3bnVPmAn1FTiROLJDXPAMK3jb9QCqjg9VwF39dI5kmT2M1miMEltwkFrPmdL1UxHnv_Z1VFz1cuqI9ARd45nB5EULwHM3424NtmpIs9epNYFag5N3chiky3fp9khY1EK8c6MO0xCpJ5GukalcoceHity-VBENhD5SLThwWvyZNAGa_QfPrQ3cqC7e054qw8tEkbpBH5Cd8rYXJI_NIzn_oJV1HW30yRcVRAOZK9oSfdiRzxd_5E92JNoNgHRwBkbc89eZ4Y3fyRZHf4cCVIh9qaiQthzCfR0ythvdvYJiMDjCel83-bA7DXORraY6dEpevVnNIwSqrU1rEqIWtfehaQ1gr7guisAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzc5MDc4MzY0NDgzNTc2MIAKA5gLAcgLAYAMAaoNAkRF4g0TCJq4hY2EgoIDFZFO5QodetgFerATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE%26sig%3DAOD64_2khui6y5WEEezcKL5I-fp_wmsWQg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A8pN2UtWAwMsXx46lRO0Z5IyABFTr2bCZ_S7xqmcwtpYJmai3HMb_a1IpiGOKFFyvVDb_WNVLnKReTWSf0DJee_dWBpwa43Nrhz3pASd6jsENEwEL1cnKVMYABxkL0wlhGsTxyiKQ5NDcEEavXMEwCuiP6EmQGz00UPzJr2bbAv7D_Yyg%26cry%3D1%26dbm_d%3DAKAmf-DPICXZSHOp4U2B4JuGoWMZo_AgZYyCoh6_HxwKd-qVzpF4CfmLpXNnLuecSQ2b8lrTSuc0WPHALSwXyJOcSegeDvY4yVqQpeffewYGI9oqKfvKWtgejr0J8f86P6jrmXCLg_a0LYCPu4em14c38TiyhKRD2NOVaJluX2OPqam8S9UXso66M1ii5EpjJHTiyQeNkCNm3pV8dPVfs_chDfC6XZmuQht_cjBUok3DWsRsUzHlu2INBlZR274cuziNHN0sFkyofBHU_qO5YlwjXl3QoZRrE7Fl2Yq-9J4xeCmR_pIKBClg6uiAYEgzj8cxWt_ssqd0MbYwdWv3faQ-rf3H-tt1nFtNNIFhJ6qrgZVLEDxKfVDDxDIz9gSebEnby-pPSCw3yJaVx_Q8wqIuDGpIXvoqlwILJVX0HuInZyrDbPo_hPUHlfVWX1jY_M4BObYyd5fZKMBkT0eBxHbnHunX4ampxTczQ3cr-2T8h4HXJCW5u6hhe6sy0RKyRWUkNvw_se-00cri490TG0CAw4J3zvCoiZTCxjMI5K4Qou4bQ6BNlxA%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=6910047604267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-3.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 11:42:55 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748772
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
/
adv.office-partner.de/ Frame 6953 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPwjMPRYxZZvNNZGdlQf6sJfQB6blvaBpzZGcp8kP8C4QASCVm8ohYJWCgICUB8gBCakCBx2cGeCrsT6oAwHIA5sEqgSOAk_QREurRDg3bnVPmAn1FTiROLJDXPAMK3jb9QCqjg9VwF39dI5kmT2M1miMEltwkFrPmdL1UxHnv_Z1VFz1cuqI9ARd45nB5EULwHM3424NtmpIs9epNYFag5N3chiky3fp9khY1EK8c6MO0xCpJ5GukalcoceHity-VBENhD5SLThwWvyZNAGa_QfPrQ3cqC7e054qw8tEkbpBH5Cd8rYXJI_NIzn_oJV1HW30yRcVRAOZK9oSfdiRzxd_5E92JNoNgHRwBkbc89eZ4Y3fyRZHf4cCVIh9qaiQthzCfR0ythvdvYJiMDjCel83-bA7DXORraY6dEpevVnNIwSqrU1rEqIWtfehaQ1gr7guisAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzc5MDc4MzY0NDgzNTc2MIAKA5gLAcgLAYAMAaoNAkRF4g0TCJq4hY2EgoIDFZFO5QodetgFerATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE%26sig%3DAOD64_2khui6y5WEEezcKL5I-fp_wmsWQg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A8pN2UtWAwMsXx46lRO0Z5IyABFTr2bCZ_S7xqmcwtpYJmai3HMb_a1IpiGOKFFyvVDb_WNVLnKReTWSf0DJee_dWBpwa43Nrhz3pASd6jsENEwEL1cnKVMYABxkL0wlhGsTxyiKQ5NDcEEavXMEwCuiP6EmQGz00UPzJr2bbAv7D_Yyg%26cry%3D1%26dbm_d%3DAKAmf-DPICXZSHOp4U2B4JuGoWMZo_AgZYyCoh6_HxwKd-qVzpF4CfmLpXNnLuecSQ2b8lrTSuc0WPHALSwXyJOcSegeDvY4yVqQpeffewYGI9oqKfvKWtgejr0J8f86P6jrmXCLg_a0LYCPu4em14c38TiyhKRD2NOVaJluX2OPqam8S9UXso66M1ii5EpjJHTiyQeNkCNm3pV8dPVfs_chDfC6XZmuQht_cjBUok3DWsRsUzHlu2INBlZR274cuziNHN0sFkyofBHU_qO5YlwjXl3QoZRrE7Fl2Yq-9J4xeCmR_pIKBClg6uiAYEgzj8cxWt_ssqd0MbYwdWv3faQ-rf3H-tt1nFtNNIFhJ6qrgZVLEDxKfVDDxDIz9gSebEnby-pPSCw3yJaVx_Q8wqIuDGpIXvoqlwILJVX0HuInZyrDbPo_hPUHlfVWX1jY_M4BObYyd5fZKMBkT0eBxHbnHunX4ampxTczQ3cr-2T8h4HXJCW5u6hhe6sy0RKyRWUkNvw_se-00cri490TG0CAw4J3zvCoiZTCxjMI5K4Qou4bQ6BNlxA%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=6910047604267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 19 Oct 2023 11:42:54 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 26 Oct 2023 11:42:54 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 7927 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=53971600077471404445004012482005&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPwjMPRYxZZvNNZGdlQf6sJfQB6blvaBpzZGcp8kP8C4QASCVm8ohYJWCgICUB8gBCakCBx2cGeCrsT6oAwHIA5sEqgSOAk_QREurRDg3bnVPmAn1FTiROLJDXPAMK3jb9QCqjg9VwF39dI5kmT2M1miMEltwkFrPmdL1UxHnv_Z1VFz1cuqI9ARd45nB5EULwHM3424NtmpIs9epNYFag5N3chiky3fp9khY1EK8c6MO0xCpJ5GukalcoceHity-VBENhD5SLThwWvyZNAGa_QfPrQ3cqC7e054qw8tEkbpBH5Cd8rYXJI_NIzn_oJV1HW30yRcVRAOZK9oSfdiRzxd_5E92JNoNgHRwBkbc89eZ4Y3fyRZHf4cCVIh9qaiQthzCfR0ythvdvYJiMDjCel83-bA7DXORraY6dEpevVnNIwSqrU1rEqIWtfehaQ1gr7guisAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzc5MDc4MzY0NDgzNTc2MIAKA5gLAcgLAYAMAaoNAkRF4g0TCJq4hY2EgoIDFZFO5QodetgFerATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE%26sig%3DAOD64_2khui6y5WEEezcKL5I-fp_wmsWQg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A8pN2UtWAwMsXx46lRO0Z5IyABFTr2bCZ_S7xqmcwtpYJmai3HMb_a1IpiGOKFFyvVDb_WNVLnKReTWSf0DJee_dWBpwa43Nrhz3pASd6jsENEwEL1cnKVMYABxkL0wlhGsTxyiKQ5NDcEEavXMEwCuiP6EmQGz00UPzJr2bbAv7D_Yyg%26cry%3D1%26dbm_d%3DAKAmf-DPICXZSHOp4U2B4JuGoWMZo_AgZYyCoh6_HxwKd-qVzpF4CfmLpXNnLuecSQ2b8lrTSuc0WPHALSwXyJOcSegeDvY4yVqQpeffewYGI9oqKfvKWtgejr0J8f86P6jrmXCLg_a0LYCPu4em14c38TiyhKRD2NOVaJluX2OPqam8S9UXso66M1ii5EpjJHTiyQeNkCNm3pV8dPVfs_chDfC6XZmuQht_cjBUok3DWsRsUzHlu2INBlZR274cuziNHN0sFkyofBHU_qO5YlwjXl3QoZRrE7Fl2Yq-9J4xeCmR_pIKBClg6uiAYEgzj8cxWt_ssqd0MbYwdWv3faQ-rf3H-tt1nFtNNIFhJ6qrgZVLEDxKfVDDxDIz9gSebEnby-pPSCw3yJaVx_Q8wqIuDGpIXvoqlwILJVX0HuInZyrDbPo_hPUHlfVWX1jY_M4BObYyd5fZKMBkT0eBxHbnHunX4ampxTczQ3cr-2T8h4HXJCW5u6hhe6sy0RKyRWUkNvw_se-00cri490TG0CAw4J3zvCoiZTCxjMI5K4Qou4bQ6BNlxA%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=6910047604267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Thu, 19 Oct 2023 11:42:55 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
515F0524:8948_91EFC182:01BB_6531163E_26BCB3F:19776
link.html
track.webgains.com/ Frame B40C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=53971600077471404445004012482005&nw=1
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.163.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
d8335bc386e318dd0f2e573e90dae2c098afbc108e89b6d8bcce5538057c5c23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
last-modified
Thu, 19 Oct 2023 11:42:54 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 19 Oct 2023 11:43:54 GMT
activityi;dc_pre=CJTiwo2EgoIDFWwHogMdDZgH0g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571
8019191.fls.doubleclick.net/ Frame E452
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CJTiwo2EgoIDFWwHogMdDZgH0g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571?
391 B
330 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJTiwo2EgoIDFWwHogMdDZgH0g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571?
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
063b49344ebc1e14a06106269570e1145b4f056c4960820862a097f302eafac6
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
221
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:54 GMT
expires
Thu, 19 Oct 2023 11:42:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJTiwo2EgoIDFWwHogMdDZgH0g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90005.redintelligence.net/ Frame A3CD 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request_content.php?s=53971600077471404445004012482005&a=73486a9a
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=590aa0f744&subid=&uid=f9b5070984295a4f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPwjMPRYxZZvNNZGdlQf6sJfQB6blvaBpzZGcp8kP8C4QASCVm8ohYJWCgICUB8gBCakCBx2cGeCrsT6oAwHIA5sEqgSOAk_QREurRDg3bnVPmAn1FTiROLJDXPAMK3jb9QCqjg9VwF39dI5kmT2M1miMEltwkFrPmdL1UxHnv_Z1VFz1cuqI9ARd45nB5EULwHM3424NtmpIs9epNYFag5N3chiky3fp9khY1EK8c6MO0xCpJ5GukalcoceHity-VBENhD5SLThwWvyZNAGa_QfPrQ3cqC7e054qw8tEkbpBH5Cd8rYXJI_NIzn_oJV1HW30yRcVRAOZK9oSfdiRzxd_5E92JNoNgHRwBkbc89eZ4Y3fyRZHf4cCVIh9qaiQthzCfR0ythvdvYJiMDjCel83-bA7DXORraY6dEpevVnNIwSqrU1rEqIWtfehaQ1gr7guisAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzc5MDc4MzY0NDgzNTc2MIAKA5gLAcgLAYAMAaoNAkRF4g0TCJq4hY2EgoIDFZFO5QodetgFerATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN3KS_pA65aXM0n0OB2hBdu2o3uiBzWvit7kvX789Ztrc1MPcB0pjKget_1QJHW-GKfMCr0KpnGAE%26sig%3DAOD64_2khui6y5WEEezcKL5I-fp_wmsWQg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-A8pN2UtWAwMsXx46lRO0Z5IyABFTr2bCZ_S7xqmcwtpYJmai3HMb_a1IpiGOKFFyvVDb_WNVLnKReTWSf0DJee_dWBpwa43Nrhz3pASd6jsENEwEL1cnKVMYABxkL0wlhGsTxyiKQ5NDcEEavXMEwCuiP6EmQGz00UPzJr2bbAv7D_Yyg%26cry%3D1%26dbm_d%3DAKAmf-DPICXZSHOp4U2B4JuGoWMZo_AgZYyCoh6_HxwKd-qVzpF4CfmLpXNnLuecSQ2b8lrTSuc0WPHALSwXyJOcSegeDvY4yVqQpeffewYGI9oqKfvKWtgejr0J8f86P6jrmXCLg_a0LYCPu4em14c38TiyhKRD2NOVaJluX2OPqam8S9UXso66M1ii5EpjJHTiyQeNkCNm3pV8dPVfs_chDfC6XZmuQht_cjBUok3DWsRsUzHlu2INBlZR274cuziNHN0sFkyofBHU_qO5YlwjXl3QoZRrE7Fl2Yq-9J4xeCmR_pIKBClg6uiAYEgzj8cxWt_ssqd0MbYwdWv3faQ-rf3H-tt1nFtNNIFhJ6qrgZVLEDxKfVDDxDIz9gSebEnby-pPSCw3yJaVx_Q8wqIuDGpIXvoqlwILJVX0HuInZyrDbPo_hPUHlfVWX1jY_M4BObYyd5fZKMBkT0eBxHbnHunX4ampxTczQ3cr-2T8h4HXJCW5u6hhe6sy0RKyRWUkNvw_se-00cri490TG0CAw4J3zvCoiZTCxjMI5K4Qou4bQ6BNlxA%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=6910047604267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8de8dd397686f04d8a72b430344c87fc53642fc0fa7c5e1a65ab3ed01221b665

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2080
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 11:42:54 GMT
Expires
Thu, 19 Oct 2023 12:42:54 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame B40C
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53971600077471404445004012482005&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53971600077471404445004012482005&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53971600077471404445004012482005&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
515F0524:89DC_91EFC182:01BB_6531163E_268EF5E:1193B
x-iplb-instance
40027
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53971600077471404445004012482005&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Thu, 19 Oct 2023 11:42:54 GMT
server
nginx
content-length
154
content-type
text/html
cshow.php
www.awin1.com/ Frame B40C 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=53971600077471404445004012482005&pv=1
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 11:42:54 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 00F3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B40C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64cd13477a2cd2e1a5df0cf9e94ed9ac2de98d28cf5554ede3565751f9ca1442

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
htlp
futalis.de/ Frame 5E18
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=71658000069294604445004012482024&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748771
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748771
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=1ce5f3db5b&subid=&uid=0564f0489885eeae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_Z9EPRYxZb2JONSG7_UP28G5-Amm5b2gac2RnKfJD_AuEAEglZvKIWCVgoCAlAfIAQmpAgcdnBngq7E-qAMByAObBKoEjgJP0CgyFt6GLukGCN11Lu9pcYdA5EW7LtfWgNy7XkaT9Y-6Vt5aoIlb8ehLCnFta_pmzMeBpLM7tFoBtR4RZQWFtAsBwCYG8JaV0kCPM7RFoNnl32DajIuXXnpFydFTinefkTyxRcBanwCk2Z3W-q7OayD1LRRLdeXqxOteWgTLkGTz7CAK5cxgzylexewCeVKmtzCkHR0wNB79dQM3KptlPhazLg7LwUtcAOCXImP1eLEhOzgZdBasqhuRHip746ipbl0pU48cx5pzNsMFvEAa_6kV-DxArg3ByermS2DUWLYJxApYEyXpMemMsd5A3HltJOhkzFKBVuVfw3oFKP3g74P5AxKhFZb-qLbs4wTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc3OTA3ODM2NDQ4MzU3NjCACgOYCwHICwGADAGqDQJEReINEwifqoeNhIKCAxVUw7sIHdtgDp-wE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE%26sig%3DAOD64_17NpJw0z9nNEMZo8FfHDwfY3hncw%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CPL2q-3J4hIHZPQ3t779vh_sIJ3OktdnMir2FB3StSIzyJ3Rem9lBe3V-psh6PftY-PrBQAThR1ycj0GnqX6Rtvx3NSy7RUTnABqXbbkzOF5qCPFIsLoEtEA8NbXblrgYGxDRXp-bBLagiclatQzb7TkH3pWcZ9kFO7-W4Kn__1-Z9aaw%26cry%3D1%26dbm_d%3DAKAmf-B80r9LewD6j4if3kMBQBkTtn_TlRHJ-SQgM26_o9AMi7zt4JdBBR7hc1b8UpdI2B98S6XcN_wCnpet48A30CcvkKbjZCJbqP3TlYJxgjg2QLeMwIjVKJk4GnTnxpU-I2QVWCqDrxzFPgo0AGc1toBvMMZ5tlDtqR94CVOgHE2In8eX3ly6Y_5i6Y64e9jnjeQM29D7RbgUFRZvlCRkFWW2Mm5jxacOyJXbF2MAOc6eWlWnGOFInWvbK8fhyvsoYMHDiqCdnOpyI4rueW1A9i557az_C1QODWryTKVxYCNjpv8_lKlYa3Orp8xzitVtgUbCy3Xi2jD7mcNrWD_oXutTU8N7NQcA8ONhq3wdQ2cCEz9LKeaJahycUe2pAKu8P8LAozJqInRzpZoeaQqKOFMEz80XjuUQu1wUc8ph4rzejg5ACok60K2lwGb9tB-7foJnX51-Xi6ljH4LQwRfXn3NpW5a3QNdvk9VcK8bc9M9iGfEPwTomTJ_nF4kvJgiJCDhAncxrSteCKAVFEhnrKFYCbG3l9KSlSvVAnnEPz5Zm324Wbw%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=2796280443798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-3.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 11:42:55 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748771
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
/
adv.office-partner.de/ Frame 4EE2 		930 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=1ce5f3db5b&subid=&uid=0564f0489885eeae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_Z9EPRYxZb2JONSG7_UP28G5-Amm5b2gac2RnKfJD_AuEAEglZvKIWCVgoCAlAfIAQmpAgcdnBngq7E-qAMByAObBKoEjgJP0CgyFt6GLukGCN11Lu9pcYdA5EW7LtfWgNy7XkaT9Y-6Vt5aoIlb8ehLCnFta_pmzMeBpLM7tFoBtR4RZQWFtAsBwCYG8JaV0kCPM7RFoNnl32DajIuXXnpFydFTinefkTyxRcBanwCk2Z3W-q7OayD1LRRLdeXqxOteWgTLkGTz7CAK5cxgzylexewCeVKmtzCkHR0wNB79dQM3KptlPhazLg7LwUtcAOCXImP1eLEhOzgZdBasqhuRHip746ipbl0pU48cx5pzNsMFvEAa_6kV-DxArg3ByermS2DUWLYJxApYEyXpMemMsd5A3HltJOhkzFKBVuVfw3oFKP3g74P5AxKhFZb-qLbs4wTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc3OTA3ODM2NDQ4MzU3NjCACgOYCwHICwGADAGqDQJEReINEwifqoeNhIKCAxVUw7sIHdtgDp-wE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE%26sig%3DAOD64_17NpJw0z9nNEMZo8FfHDwfY3hncw%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CPL2q-3J4hIHZPQ3t779vh_sIJ3OktdnMir2FB3StSIzyJ3Rem9lBe3V-psh6PftY-PrBQAThR1ycj0GnqX6Rtvx3NSy7RUTnABqXbbkzOF5qCPFIsLoEtEA8NbXblrgYGxDRXp-bBLagiclatQzb7TkH3pWcZ9kFO7-W4Kn__1-Z9aaw%26cry%3D1%26dbm_d%3DAKAmf-B80r9LewD6j4if3kMBQBkTtn_TlRHJ-SQgM26_o9AMi7zt4JdBBR7hc1b8UpdI2B98S6XcN_wCnpet48A30CcvkKbjZCJbqP3TlYJxgjg2QLeMwIjVKJk4GnTnxpU-I2QVWCqDrxzFPgo0AGc1toBvMMZ5tlDtqR94CVOgHE2In8eX3ly6Y_5i6Y64e9jnjeQM29D7RbgUFRZvlCRkFWW2Mm5jxacOyJXbF2MAOc6eWlWnGOFInWvbK8fhyvsoYMHDiqCdnOpyI4rueW1A9i557az_C1QODWryTKVxYCNjpv8_lKlYa3Orp8xzitVtgUbCy3Xi2jD7mcNrWD_oXutTU8N7NQcA8ONhq3wdQ2cCEz9LKeaJahycUe2pAKu8P8LAozJqInRzpZoeaQqKOFMEz80XjuUQu1wUc8ph4rzejg5ACok60K2lwGb9tB-7foJnX51-Xi6ljH4LQwRfXn3NpW5a3QNdvk9VcK8bc9M9iGfEPwTomTJ_nF4kvJgiJCDhAncxrSteCKAVFEhnrKFYCbG3l9KSlSvVAnnEPz5Zm324Wbw%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=2796280443798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 19 Oct 2023 11:42:54 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 26 Oct 2023 11:42:54 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 6042 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=71658000069294604445004012482024&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=1ce5f3db5b&subid=&uid=0564f0489885eeae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_Z9EPRYxZb2JONSG7_UP28G5-Amm5b2gac2RnKfJD_AuEAEglZvKIWCVgoCAlAfIAQmpAgcdnBngq7E-qAMByAObBKoEjgJP0CgyFt6GLukGCN11Lu9pcYdA5EW7LtfWgNy7XkaT9Y-6Vt5aoIlb8ehLCnFta_pmzMeBpLM7tFoBtR4RZQWFtAsBwCYG8JaV0kCPM7RFoNnl32DajIuXXnpFydFTinefkTyxRcBanwCk2Z3W-q7OayD1LRRLdeXqxOteWgTLkGTz7CAK5cxgzylexewCeVKmtzCkHR0wNB79dQM3KptlPhazLg7LwUtcAOCXImP1eLEhOzgZdBasqhuRHip746ipbl0pU48cx5pzNsMFvEAa_6kV-DxArg3ByermS2DUWLYJxApYEyXpMemMsd5A3HltJOhkzFKBVuVfw3oFKP3g74P5AxKhFZb-qLbs4wTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc3OTA3ODM2NDQ4MzU3NjCACgOYCwHICwGADAGqDQJEReINEwifqoeNhIKCAxVUw7sIHdtgDp-wE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE%26sig%3DAOD64_17NpJw0z9nNEMZo8FfHDwfY3hncw%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CPL2q-3J4hIHZPQ3t779vh_sIJ3OktdnMir2FB3StSIzyJ3Rem9lBe3V-psh6PftY-PrBQAThR1ycj0GnqX6Rtvx3NSy7RUTnABqXbbkzOF5qCPFIsLoEtEA8NbXblrgYGxDRXp-bBLagiclatQzb7TkH3pWcZ9kFO7-W4Kn__1-Z9aaw%26cry%3D1%26dbm_d%3DAKAmf-B80r9LewD6j4if3kMBQBkTtn_TlRHJ-SQgM26_o9AMi7zt4JdBBR7hc1b8UpdI2B98S6XcN_wCnpet48A30CcvkKbjZCJbqP3TlYJxgjg2QLeMwIjVKJk4GnTnxpU-I2QVWCqDrxzFPgo0AGc1toBvMMZ5tlDtqR94CVOgHE2In8eX3ly6Y_5i6Y64e9jnjeQM29D7RbgUFRZvlCRkFWW2Mm5jxacOyJXbF2MAOc6eWlWnGOFInWvbK8fhyvsoYMHDiqCdnOpyI4rueW1A9i557az_C1QODWryTKVxYCNjpv8_lKlYa3Orp8xzitVtgUbCy3Xi2jD7mcNrWD_oXutTU8N7NQcA8ONhq3wdQ2cCEz9LKeaJahycUe2pAKu8P8LAozJqInRzpZoeaQqKOFMEz80XjuUQu1wUc8ph4rzejg5ACok60K2lwGb9tB-7foJnX51-Xi6ljH4LQwRfXn3NpW5a3QNdvk9VcK8bc9M9iGfEPwTomTJ_nF4kvJgiJCDhAncxrSteCKAVFEhnrKFYCbG3l9KSlSvVAnnEPz5Zm324Wbw%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=2796280443798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Thu, 19 Oct 2023 11:42:55 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40027
x-iplb-request-id
515F0524:898A_91EFC182:01BB_6531163E_268E8F0:1193C
link.html
track.webgains.com/ Frame 543A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=71658000069294604445004012482024&nw=1
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.163.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
ab41a4ecf75f3074028eace042804a243389ce6b7451583651dae18a2dd70012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
last-modified
Thu, 19 Oct 2023 11:42:54 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 19 Oct 2023 11:43:54 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 543A 		0
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=71658000069294604445004012482024&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=1ce5f3db5b&subid=&uid=0564f0489885eeae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_Z9EPRYxZb2JONSG7_UP28G5-Amm5b2gac2RnKfJD_AuEAEglZvKIWCVgoCAlAfIAQmpAgcdnBngq7E-qAMByAObBKoEjgJP0CgyFt6GLukGCN11Lu9pcYdA5EW7LtfWgNy7XkaT9Y-6Vt5aoIlb8ehLCnFta_pmzMeBpLM7tFoBtR4RZQWFtAsBwCYG8JaV0kCPM7RFoNnl32DajIuXXnpFydFTinefkTyxRcBanwCk2Z3W-q7OayD1LRRLdeXqxOteWgTLkGTz7CAK5cxgzylexewCeVKmtzCkHR0wNB79dQM3KptlPhazLg7LwUtcAOCXImP1eLEhOzgZdBasqhuRHip746ipbl0pU48cx5pzNsMFvEAa_6kV-DxArg3ByermS2DUWLYJxApYEyXpMemMsd5A3HltJOhkzFKBVuVfw3oFKP3g74P5AxKhFZb-qLbs4wTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc3OTA3ODM2NDQ4MzU3NjCACgOYCwHICwGADAGqDQJEReINEwifqoeNhIKCAxVUw7sIHdtgDp-wE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE%26sig%3DAOD64_17NpJw0z9nNEMZo8FfHDwfY3hncw%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CPL2q-3J4hIHZPQ3t779vh_sIJ3OktdnMir2FB3StSIzyJ3Rem9lBe3V-psh6PftY-PrBQAThR1ycj0GnqX6Rtvx3NSy7RUTnABqXbbkzOF5qCPFIsLoEtEA8NbXblrgYGxDRXp-bBLagiclatQzb7TkH3pWcZ9kFO7-W4Kn__1-Z9aaw%26cry%3D1%26dbm_d%3DAKAmf-B80r9LewD6j4if3kMBQBkTtn_TlRHJ-SQgM26_o9AMi7zt4JdBBR7hc1b8UpdI2B98S6XcN_wCnpet48A30CcvkKbjZCJbqP3TlYJxgjg2QLeMwIjVKJk4GnTnxpU-I2QVWCqDrxzFPgo0AGc1toBvMMZ5tlDtqR94CVOgHE2In8eX3ly6Y_5i6Y64e9jnjeQM29D7RbgUFRZvlCRkFWW2Mm5jxacOyJXbF2MAOc6eWlWnGOFInWvbK8fhyvsoYMHDiqCdnOpyI4rueW1A9i557az_C1QODWryTKVxYCNjpv8_lKlYa3Orp8xzitVtgUbCy3Xi2jD7mcNrWD_oXutTU8N7NQcA8ONhq3wdQ2cCEz9LKeaJahycUe2pAKu8P8LAozJqInRzpZoeaQqKOFMEz80XjuUQu1wUc8ph4rzejg5ACok60K2lwGb9tB-7foJnX51-Xi6ljH4LQwRfXn3NpW5a3QNdvk9VcK8bc9M9iGfEPwTomTJ_nF4kvJgiJCDhAncxrSteCKAVFEhnrKFYCbG3l9KSlSvVAnnEPz5Zm324Wbw%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=2796280443798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
515F0524:898E_91EFC182:01BB_6531163E_268A29C:1193D
x-iplb-instance
40027
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 543A 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=71658000069294604445004012482024&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=1ce5f3db5b&subid=&uid=0564f0489885eeae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_Z9EPRYxZb2JONSG7_UP28G5-Amm5b2gac2RnKfJD_AuEAEglZvKIWCVgoCAlAfIAQmpAgcdnBngq7E-qAMByAObBKoEjgJP0CgyFt6GLukGCN11Lu9pcYdA5EW7LtfWgNy7XkaT9Y-6Vt5aoIlb8ehLCnFta_pmzMeBpLM7tFoBtR4RZQWFtAsBwCYG8JaV0kCPM7RFoNnl32DajIuXXnpFydFTinefkTyxRcBanwCk2Z3W-q7OayD1LRRLdeXqxOteWgTLkGTz7CAK5cxgzylexewCeVKmtzCkHR0wNB79dQM3KptlPhazLg7LwUtcAOCXImP1eLEhOzgZdBasqhuRHip746ipbl0pU48cx5pzNsMFvEAa_6kV-DxArg3ByermS2DUWLYJxApYEyXpMemMsd5A3HltJOhkzFKBVuVfw3oFKP3g74P5AxKhFZb-qLbs4wTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc3OTA3ODM2NDQ4MzU3NjCACgOYCwHICwGADAGqDQJEReINEwifqoeNhIKCAxVUw7sIHdtgDp-wE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE%26sig%3DAOD64_17NpJw0z9nNEMZo8FfHDwfY3hncw%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CPL2q-3J4hIHZPQ3t779vh_sIJ3OktdnMir2FB3StSIzyJ3Rem9lBe3V-psh6PftY-PrBQAThR1ycj0GnqX6Rtvx3NSy7RUTnABqXbbkzOF5qCPFIsLoEtEA8NbXblrgYGxDRXp-bBLagiclatQzb7TkH3pWcZ9kFO7-W4Kn__1-Z9aaw%26cry%3D1%26dbm_d%3DAKAmf-B80r9LewD6j4if3kMBQBkTtn_TlRHJ-SQgM26_o9AMi7zt4JdBBR7hc1b8UpdI2B98S6XcN_wCnpet48A30CcvkKbjZCJbqP3TlYJxgjg2QLeMwIjVKJk4GnTnxpU-I2QVWCqDrxzFPgo0AGc1toBvMMZ5tlDtqR94CVOgHE2In8eX3ly6Y_5i6Y64e9jnjeQM29D7RbgUFRZvlCRkFWW2Mm5jxacOyJXbF2MAOc6eWlWnGOFInWvbK8fhyvsoYMHDiqCdnOpyI4rueW1A9i557az_C1QODWryTKVxYCNjpv8_lKlYa3Orp8xzitVtgUbCy3Xi2jD7mcNrWD_oXutTU8N7NQcA8ONhq3wdQ2cCEz9LKeaJahycUe2pAKu8P8LAozJqInRzpZoeaQqKOFMEz80XjuUQu1wUc8ph4rzejg5ACok60K2lwGb9tB-7foJnX51-Xi6ljH4LQwRfXn3NpW5a3QNdvk9VcK8bc9M9iGfEPwTomTJ_nF4kvJgiJCDhAncxrSteCKAVFEhnrKFYCbG3l9KSlSvVAnnEPz5Zm324Wbw%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=2796280443798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
515F0524:8988_91EFC182:01BB_6531163E_268A29D:1193D
x-iplb-instance
40027
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 543A 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=71658000069294604445004012482024&pv=1
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=dw2f2jftxlut&nw=20&renderingType=javascript&namespace=1ce5f3db5b&subid=&uid=0564f0489885eeae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_Z9EPRYxZb2JONSG7_UP28G5-Amm5b2gac2RnKfJD_AuEAEglZvKIWCVgoCAlAfIAQmpAgcdnBngq7E-qAMByAObBKoEjgJP0CgyFt6GLukGCN11Lu9pcYdA5EW7LtfWgNy7XkaT9Y-6Vt5aoIlb8ehLCnFta_pmzMeBpLM7tFoBtR4RZQWFtAsBwCYG8JaV0kCPM7RFoNnl32DajIuXXnpFydFTinefkTyxRcBanwCk2Z3W-q7OayD1LRRLdeXqxOteWgTLkGTz7CAK5cxgzylexewCeVKmtzCkHR0wNB79dQM3KptlPhazLg7LwUtcAOCXImP1eLEhOzgZdBasqhuRHip746ipbl0pU48cx5pzNsMFvEAa_6kV-DxArg3ByermS2DUWLYJxApYEyXpMemMsd5A3HltJOhkzFKBVuVfw3oFKP3g74P5AxKhFZb-qLbs4wTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTc3OTA3ODM2NDQ4MzU3NjCACgOYCwHICwGADAGqDQJEReINEwifqoeNhIKCAxVUw7sIHdtgDp-wE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNlyQxBO8j_4oNY2iFelaoqeIxUQonWre5QDhmjY9auAYVXEk7fTk2KB06jl0ItYCY3gQhczGjGAE%26sig%3DAOD64_17NpJw0z9nNEMZo8FfHDwfY3hncw%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CPL2q-3J4hIHZPQ3t779vh_sIJ3OktdnMir2FB3StSIzyJ3Rem9lBe3V-psh6PftY-PrBQAThR1ycj0GnqX6Rtvx3NSy7RUTnABqXbbkzOF5qCPFIsLoEtEA8NbXblrgYGxDRXp-bBLagiclatQzb7TkH3pWcZ9kFO7-W4Kn__1-Z9aaw%26cry%3D1%26dbm_d%3DAKAmf-B80r9LewD6j4if3kMBQBkTtn_TlRHJ-SQgM26_o9AMi7zt4JdBBR7hc1b8UpdI2B98S6XcN_wCnpet48A30CcvkKbjZCJbqP3TlYJxgjg2QLeMwIjVKJk4GnTnxpU-I2QVWCqDrxzFPgo0AGc1toBvMMZ5tlDtqR94CVOgHE2In8eX3ly6Y_5i6Y64e9jnjeQM29D7RbgUFRZvlCRkFWW2Mm5jxacOyJXbF2MAOc6eWlWnGOFInWvbK8fhyvsoYMHDiqCdnOpyI4rueW1A9i557az_C1QODWryTKVxYCNjpv8_lKlYa3Orp8xzitVtgUbCy3Xi2jD7mcNrWD_oXutTU8N7NQcA8ONhq3wdQ2cCEz9LKeaJahycUe2pAKu8P8LAozJqInRzpZoeaQqKOFMEz80XjuUQu1wUc8ph4rzejg5ACok60K2lwGb9tB-7foJnX51-Xi6ljH4LQwRfXn3NpW5a3QNdvk9VcK8bc9M9iGfEPwTomTJ_nF4kvJgiJCDhAncxrSteCKAVFEhnrKFYCbG3l9KSlSvVAnnEPz5Zm324Wbw%26adurl%3D&documentReferer=https%3A%2F%2Fchatliv.com%2F&ancestorOrigins=https%3A%2F%2Fchatliv.com&random=2796280443798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 11:42:54 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
css
fonts.googleapis.com/ Frame A3CD 		5 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=53971600077471404445004012482005&a=73486a9a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 11:12:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 11:42:54 GMT
/
hal9000.redintelligence.net/scale/ Frame A3CD 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=53971600077471404445004012482005&a=73486a9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
b12d5fda7a7b63a9e7cbbaeb77b4bc896935b716882c1f1d9beca4767b5de2b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
47341
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A3CD 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=53971600077471404445004012482005&a=73486a9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
0ceb0cfb6868813119359bcdbe7a2e523c8c07b48836125b0c29df1c51c65568

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
57893
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A3CD 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=53971600077471404445004012482005&a=73486a9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
5ae3fe04e1d5f01cadfdbc44f5ec8d276a7b3b5cbb89d63a817a8e7aa730bf3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A3CD 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=53971600077471404445004012482005&a=73486a9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
2d7bbb97a99c97519564b269a5d09f3c56104db0f64f5fa65bd7f8443807cc08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
37454
Vary
Accept-Encoding
Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 00F3
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAJsiWiM-HVWJ8oyUInJFIE&google_cver=1&google_push=AXcoOmRBtbHkE6qa45v-8FahoAQQu_l7IaWXzKFJKOchAa4IjjsMfd8_m5DzU2nDh49Z_Z5d3ojvA6BjuBl9yrmO-Ythbfg1cg83
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmRBtbHkE6qa45v-8FahoAQQu_l7IaWXzKFJKOchAa4IjjsMfd8_m5DzU2nDh49Z_Z5d3ojvA6BjuBl9yrm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmRBtbHkE6qa45v-8FahoAQQu_l7IaWXzKFJKOchAa4IjjsMfd8_m5DzU2nDh49Z_Z5d3ojvA6BjuBl9yrmO-Ythbfg1cg83
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmRBtbHkE6qa45v-8FahoAQQu_l7IaWXzKFJKOchAa4IjjsMfd8_m5DzU2nDh49Z_Z5d3ojvA6BjuBl9yrmO-Ythbfg1cg83
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 18 Oct 2023 11:42:54 GMT
google
match.adsrvr.org/track/cmf/ Frame 00F3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHtLCMMpGcQJzNTeXk-Q_IE&google_cver=1&google_push=AXcoOmTRZncq8Ez3-AV-swnv4SehfX9EeN9_6JkfGhcLiMhwMZDlnAxTbWkPTOKYh6wxd3_rDhmGKhn7-m7WCpg7hk_HlA_NZJc
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 00F3
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENIq3FZwvd9acw0m0kAme7I&google_cver=1&google_push=AXcoOmRIlDnH6-1Jpbmqg4nbLb6BFhqJM5kwCwsbZp7Y7lbsnMe39CB8dgg3VAzcssooNe3CVBZG4ZLgaIJ82BtuJo9Xkni...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIlDnH6-1Jpbmqg4nbLb6BFhqJM5kwCwsbZp7Y7lbsnMe39CB8dgg3VAzcssooNe3CVBZG4ZLgaIJ82BtuJo9XkniDmdI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIlDnH6-1Jpbmqg4nbLb6BFhqJM5kwCwsbZp7Y7lbsnMe39CB8dgg3VAzcssooNe3CVBZG4ZLgaIJ82BtuJo9XkniDmdI
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRIlDnH6-1Jpbmqg4nbLb6BFhqJM5kwCwsbZp7Y7lbsnMe39CB8dgg3VAzcssooNe3CVBZG4ZLgaIJ82BtuJo9XkniDmdI
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
/
b1sync.zemanta.com/usersync/googleadx/ Frame 00F3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_cver=1&google_push=AXcoOmRgJ-D_0schBJ8KISAffTdYowS1E8ySRVkOWawxLyzZtW3LCx0_WYXUr1isaJ4vKTAs4K4WkZ4f-Y6Ue...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRgJ-D_0schBJ8KISAffTdYowS1E8ySRVkOWawxLyzZtW3LCx0_WYXUr1isaJ4vKTAs4K4WkZ4f-Y6Ueaos778_NPx_6i4B&google_hm=MnB5UTEwQjYtb1ZHenI0...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
50.31.142.191 Hickory Hills, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:55 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
sync-dmp.aura-dsp.com/match/ Frame 00F3 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 00F3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IhtFszoK8uOzDnoyx1JZWClmoeNqDdXalrLSeSWaZcnFUS4EeGda8-iVtL
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gtm.js
www.googletagmanager.com/ Frame 6953 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74fe8a97161f9f640e07bb2a6f83420375925cc0cb556ca235f569850e0e4668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64390
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 11:42:54 GMT
gtm.js
www.googletagmanager.com/ Frame 4EE2 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74fe8a97161f9f640e07bb2a6f83420375925cc0cb556ca235f569850e0e4668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64390
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 11:42:54 GMT
viewability
hal90005.redintelligence.net/ Frame A3CD 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/viewability?s=53971600077471404445004012482005&a=ac7d4b7e&vb=m
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=53971600077471404445004012482005&a=73486a9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/request_content.php?s=53971600077471404445004012482005&a=73486a9a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:54 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
skeleton.js
fw.adsafeprotected.com/rjss/st/1350098/69352127/ Frame A085 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20606889740&bidurl=https://chatliv.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hdWCxkrVZtYTNcGeJmIWV1
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.6.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-6-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8cf21af4fc34da81aca551db40596efe60f4cb1abc83d59efcb858cfd8fa6064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame A085 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Origin
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 20:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 20:02:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame A085 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvIdYpgxfGOmc9--4z4TfRp6nuBtr5jelTnZBraZgmiGnwdxZZXIuPtv2vOZ0gf6yMfvLOaCTSCClfp_PwUEA24IcUtheig11g2PycCqITcY5TN9Q10ekY4Nv5D0WRim-5b_Tekon0XY-4WnBGI7GRmryyTc75Kjl8l0jU6Nn6-uYQHeM&dbm_d=AKAmf-DTVrI1ZdTcEVEeJ0tTEdSL1aDJFvWtNs1UxrSd6fh1uihcVbxeMaHY-sjZ2uRCCanbOOSL8MQl5HehgHUSv7G_NlZWbwwGOyeYSm6eMktOvHEvGyDMcefQKVLnxC1Rylhw33rtmfcBNXnHXc2DNzGAlmS1BLqh_KGcfWksFaC1aCXzL4NwH13GGp48b9bXNzg8Ljx_OId_triK8HEFUVADfv9vxQP1bcTn5Je0-Uf33wC6gE3ORCTD-lp0Ef-2_ZQJxvgynG_snXOaHeQF2OtdWeOYXTpszN_UJgxnYNnxT4FhcCDc-smw25fTpQl_pOnm4M5mwGw5Ob5FY5W-Oi2JWxo2ALSI4UeWfC2JZPkF8k-jDPSHKLY1J-pON10JTv64wiVtQCKj0F3dVpi5JgY0Pcl3tIhl98YJX8nVmTsYiZxf48K8X9QEUJKkRjwDIuksjVogSl6AWcWyxwRBZytnaIBkYs_ScnQKsvh3HQkG3jDLfK_E9ciGnv6fX5jMdCmC5z-xc-qc_fX_e1g7U-b_4KvSfhslVssgNmxAxhuyFIuu252iJTQDZOxgUsOlu2TspEr3ZabsqD6kyaSjiEikBdYSNhfV0-cfqjn_FEUKEwTCjKHT4RoSQbRu9MEYS-07lUn1BOAw1_Z5Avqx_Val7Fy6LMA_itaKKOA4ftNEgNo3Y1n-J61U9tVznZax9cZcFuEpbTJvQo-IEErQvIuosdAgyn5RUZm04IHNzBmLv5F0H0QlfcgntJEHXAA4I5HSb512m8Bt6gnz-dr2HSq6sh1pPsekfC7zT6CmouXpbYUeChr6CMbELMMy2A0SgRj8kf5M2uUmPipxoNzeqlxXeyjxZlMHIaaSIi19_3W4AlbMEjZeE9MCI1UfXFjb5kPtCN0gE5Z8005K7yEzjMpfDOg2mx60pKqFaRGKQfGGgrWk09ui09QANT1hEXq_zceik8fm-4jpjxKMh_tbE70wKFnQ9Oo3IpLguRWCXObsksFJCSmFhKyqg3vr_gYc-sLKgdbF4rwXWW2473o2gRKQIqtviVcTSyybkj-QorGABHVn7l40KVHFT5B-MGDYJ6hLabEaXmO8MpRWxVtDJ4xLFrgbDtS2gzDdHPe6HEIeyWS1KLUSdT2b5dpFXsH7XxSubVPq56DTGRXDP8YTnNZxSYo9VovNtTQKQHF7d868ZzUaAltP0mJh7FkdeJr-Sw2E9Ti8P6YH4hNsdnMXOt2zBzeVgT4WDTHggAKU1uOCxqTTi7IGgpj3VnlvWk7FRefCkvNiatl1QBo0Um2WTuWV3F88vbsc2pcTwMiqJRKp5qXvM6UsUxamyF-G3rn5I3C5_ltkOpB-P0M8tNiWgadjCT2_gA-6ia-aamJEG3o1cyVbD--0plbNAGl9lr5LDasSRiQ6YEvzjSOvDm6ytxDaKo6D3WkeN8YYz4_eiPN4_wZ_9KsPELQfxZ74ieYosxdm9DVw9dI-aI_b1esURqN-yO12xLIdN4lqN0L_Ngb8P0SULzFKVIKO4lHL2gOttt5KrIIMaKk93Id7k57i87LMVMqYH_20VrU6-GoFb3MJyXfA2EVTbiOffZRAL95IxBpBdV7X_P6WYEm0IEL7FvY8NFJrpeEzLGrMl23pYM7wqJSq_4E9DuLdOGRZtgp9PFGbfGcGT77KmETXcTe_utcUrEzyhbqhaZURBYlhcFX9yEphTGyDEG0noZyhnqiQO7iBrodF-VtQsQLTSQ_bzHs9sW8ZzB4qPiRUfcUEvjAc3M6OfgupAow-qUgz7a0b82IwFYemktcjXmmdMeYXitPbbprKEHX_IedOLiiVhC5XE1GUKg2awKdZ-KCOJNNcehHG08dwfLcnhNaeRl25cdaV6TOlaTKwYJE9XoyRi9KWpqaAmGJ1CCFH8_9BCZJGmIgynTNnAs5zOz8D9bpau3jbuFtMOgEO0EMUL7fAJvFPGfn4gPO8U5w15o44ItuzrseqZfyHz-5QtBdoytA2vlItgwP4cR60PT7ddeteGFVCkAjhPtYDqn6QLjCEvaK9Xee4cCOkx8kaUvJ9_Pf2NknyybMvHVzMF9cqA7TwGSF1YGr0YWZD2DdOvyiZYirbIgvYbQLUMZ-ntRWJdJJm91Ne79aFZfqMsTqF2FhDuj_VAT1QHokkhB9EeXVczpdxByIYWTrZuEpx-kUkMP-17lrriTnLuC1C9fJHN4VV9ixDh6nizOeHFKN8K9ZDxq4KPcopU8dmlWAQ2H8OmpDvOZUd_Z33ollSRAXRcwzOKWvLNODSDxj0XUnOe95BF7H1RmEkIt4K2GdRXB63sMGABpphLXqo_FCzGfZs5z5P_sjppNiIqrBstRvI-t1cHiVd0g9Z80aACcZgFXtzAO9CbG4vvIM4l0kRPfPF9A2kYE9r6LCyAendD-058vBuQwD-cklJXpn-8wZFNCwV4_IYooOYc5gZCvvd6UCuZhhxcfthtCO3g-NhcuNhZ4cIorZyAzp-D8wf4gTwm1MD95fHy7T2Y9eEgw1iB1CaYhACJs3P1ZTvlCIy1ATuKDn_r53_1_8tba8wsxkrAmqEuE2Z9Dv6WEgjBfStd_bHYaReUfCuhS0BYNkUcIppRbjL1CP0J9Qndq0_cEteoKLBFPkBGk1mCn5iAIc6bj2MYzlew8g8GxFEZ91LFwTxUCAG2VGpmxkJlEg-eWrSaZN7t4T7I4EPFd0_fEBv7hXJQ-7mszWTEY6eNgNBNqQbgEA7eSkEDq1WERqGeRkF12M6tpITJCJD0RKFN0LGPJnUmFzFk7ql8yO46dq6isotNSyidU3uf4Y2dhB4MastAOuBoY77dbWEx-kYD6z7JjRsfxRWbIof2pq1KZvB3cJMtFHuz-4HPDN8zxbHqq5qFAmWoUCnWUWWSQjasKMh-RQWf1rzBNKEs2X0XqF4gs2ogz_T5jgBLP4Zm1e4yuesRTgMKPTs2aqNR0AzXxXgFM-KSXFO04eTern9d1ndlVyMlLJ1wvfQ9RHxuH8Rew-bzjjjHoTVyVSL2ZxLwDwHGbrk1cW-Tu7Fopk0YEhJOP7VSs_kVxeELG6JR-o_ruSYPEPRCROKVzOV6yH-f8Kq_XhJINOyKp9XdjU1UivNLxE2g3WE3MTeiWG-Afof2ztw1AbjCzAyIrEsbkuhoWY1iE7gvuUIh7PIuEHEVGB8a3DkURR4qQ09_h3P4Y9FRI8rWhD7V0IqwDbCwkSb4sF8HsRT2LD0bc2uMxzoPqQAjpJd4Tt9OvN8PLCBt8vjwL6btYEqlg883IkB8ON9bG4vkwDv0oaxD7kUMRj9I50ZNFczBWFIVhiiXp57fFsRYw_w4vjhQWnhrk1H36eK-WjnTLCpm2n1YzFBw0EMPCI3638vhcmQx6QAubyjtIwfyeSgUH-2I2n_n1GnekNisFrWOeRgxmW3sgk1bTsppWuJVacKpx1YHPREnozt9G_azWDtj_XWZnexRnoNAIdCZePATomR6SfXrttsG2Su0OzZhY_x3zsQ6vXDC4iGQl2bbzs22lCcBKK_cYX_z9laPFqjo4pn6WZB1_DmSnCPScWyuHVrBEGerIzdndxtuXwsibAIbagJMAV7TWiwNEd2zjlYTnoxBCBYMs9QgaiOwGK3XgzEclJYgnP8wNcF4gxSGI9Tm2hcJFhWsymfeHCHbnhWaTS2Qtqm2JYC4ORYZ3XoReWliHxzjBNpiaNpf_xvM5EBW_NucQDB-dZA8u7SyoRf33Q8OBgduy6trgxaTBHsG-UfLGjLAwk0ODj1iwrZ0EGdQQhw267iexdWvUKM0WTu5HDNz4cVk1llb58uWIwBYo_r1zRlwCYnVqcndmgJxN48SrV0D1C3DHU_Xed7qw&cid=CAQSPADICaaN0UTJ9tGsOfpah6rwgm3vkdz-sYZSsiSoFl4jP9-K7xJ9Hva-41Mw0vStEEiX7RUTD5ZqRId-lRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fchatliv.com%2F&ds=l&xdt=1&iif=1&cor=17881515775930175000&adk=2988274607&idt=165&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:02:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
45652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 23:02:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame A085 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvIdYpgxfGOmc9--4z4TfRp6nuBtr5jelTnZBraZgmiGnwdxZZXIuPtv2vOZ0gf6yMfvLOaCTSCClfp_PwUEA24IcUtheig11g2PycCqITcY5TN9Q10ekY4Nv5D0WRim-5b_Tekon0XY-4WnBGI7GRmryyTc75Kjl8l0jU6Nn6-uYQHeM&dbm_d=AKAmf-DTVrI1ZdTcEVEeJ0tTEdSL1aDJFvWtNs1UxrSd6fh1uihcVbxeMaHY-sjZ2uRCCanbOOSL8MQl5HehgHUSv7G_NlZWbwwGOyeYSm6eMktOvHEvGyDMcefQKVLnxC1Rylhw33rtmfcBNXnHXc2DNzGAlmS1BLqh_KGcfWksFaC1aCXzL4NwH13GGp48b9bXNzg8Ljx_OId_triK8HEFUVADfv9vxQP1bcTn5Je0-Uf33wC6gE3ORCTD-lp0Ef-2_ZQJxvgynG_snXOaHeQF2OtdWeOYXTpszN_UJgxnYNnxT4FhcCDc-smw25fTpQl_pOnm4M5mwGw5Ob5FY5W-Oi2JWxo2ALSI4UeWfC2JZPkF8k-jDPSHKLY1J-pON10JTv64wiVtQCKj0F3dVpi5JgY0Pcl3tIhl98YJX8nVmTsYiZxf48K8X9QEUJKkRjwDIuksjVogSl6AWcWyxwRBZytnaIBkYs_ScnQKsvh3HQkG3jDLfK_E9ciGnv6fX5jMdCmC5z-xc-qc_fX_e1g7U-b_4KvSfhslVssgNmxAxhuyFIuu252iJTQDZOxgUsOlu2TspEr3ZabsqD6kyaSjiEikBdYSNhfV0-cfqjn_FEUKEwTCjKHT4RoSQbRu9MEYS-07lUn1BOAw1_Z5Avqx_Val7Fy6LMA_itaKKOA4ftNEgNo3Y1n-J61U9tVznZax9cZcFuEpbTJvQo-IEErQvIuosdAgyn5RUZm04IHNzBmLv5F0H0QlfcgntJEHXAA4I5HSb512m8Bt6gnz-dr2HSq6sh1pPsekfC7zT6CmouXpbYUeChr6CMbELMMy2A0SgRj8kf5M2uUmPipxoNzeqlxXeyjxZlMHIaaSIi19_3W4AlbMEjZeE9MCI1UfXFjb5kPtCN0gE5Z8005K7yEzjMpfDOg2mx60pKqFaRGKQfGGgrWk09ui09QANT1hEXq_zceik8fm-4jpjxKMh_tbE70wKFnQ9Oo3IpLguRWCXObsksFJCSmFhKyqg3vr_gYc-sLKgdbF4rwXWW2473o2gRKQIqtviVcTSyybkj-QorGABHVn7l40KVHFT5B-MGDYJ6hLabEaXmO8MpRWxVtDJ4xLFrgbDtS2gzDdHPe6HEIeyWS1KLUSdT2b5dpFXsH7XxSubVPq56DTGRXDP8YTnNZxSYo9VovNtTQKQHF7d868ZzUaAltP0mJh7FkdeJr-Sw2E9Ti8P6YH4hNsdnMXOt2zBzeVgT4WDTHggAKU1uOCxqTTi7IGgpj3VnlvWk7FRefCkvNiatl1QBo0Um2WTuWV3F88vbsc2pcTwMiqJRKp5qXvM6UsUxamyF-G3rn5I3C5_ltkOpB-P0M8tNiWgadjCT2_gA-6ia-aamJEG3o1cyVbD--0plbNAGl9lr5LDasSRiQ6YEvzjSOvDm6ytxDaKo6D3WkeN8YYz4_eiPN4_wZ_9KsPELQfxZ74ieYosxdm9DVw9dI-aI_b1esURqN-yO12xLIdN4lqN0L_Ngb8P0SULzFKVIKO4lHL2gOttt5KrIIMaKk93Id7k57i87LMVMqYH_20VrU6-GoFb3MJyXfA2EVTbiOffZRAL95IxBpBdV7X_P6WYEm0IEL7FvY8NFJrpeEzLGrMl23pYM7wqJSq_4E9DuLdOGRZtgp9PFGbfGcGT77KmETXcTe_utcUrEzyhbqhaZURBYlhcFX9yEphTGyDEG0noZyhnqiQO7iBrodF-VtQsQLTSQ_bzHs9sW8ZzB4qPiRUfcUEvjAc3M6OfgupAow-qUgz7a0b82IwFYemktcjXmmdMeYXitPbbprKEHX_IedOLiiVhC5XE1GUKg2awKdZ-KCOJNNcehHG08dwfLcnhNaeRl25cdaV6TOlaTKwYJE9XoyRi9KWpqaAmGJ1CCFH8_9BCZJGmIgynTNnAs5zOz8D9bpau3jbuFtMOgEO0EMUL7fAJvFPGfn4gPO8U5w15o44ItuzrseqZfyHz-5QtBdoytA2vlItgwP4cR60PT7ddeteGFVCkAjhPtYDqn6QLjCEvaK9Xee4cCOkx8kaUvJ9_Pf2NknyybMvHVzMF9cqA7TwGSF1YGr0YWZD2DdOvyiZYirbIgvYbQLUMZ-ntRWJdJJm91Ne79aFZfqMsTqF2FhDuj_VAT1QHokkhB9EeXVczpdxByIYWTrZuEpx-kUkMP-17lrriTnLuC1C9fJHN4VV9ixDh6nizOeHFKN8K9ZDxq4KPcopU8dmlWAQ2H8OmpDvOZUd_Z33ollSRAXRcwzOKWvLNODSDxj0XUnOe95BF7H1RmEkIt4K2GdRXB63sMGABpphLXqo_FCzGfZs5z5P_sjppNiIqrBstRvI-t1cHiVd0g9Z80aACcZgFXtzAO9CbG4vvIM4l0kRPfPF9A2kYE9r6LCyAendD-058vBuQwD-cklJXpn-8wZFNCwV4_IYooOYc5gZCvvd6UCuZhhxcfthtCO3g-NhcuNhZ4cIorZyAzp-D8wf4gTwm1MD95fHy7T2Y9eEgw1iB1CaYhACJs3P1ZTvlCIy1ATuKDn_r53_1_8tba8wsxkrAmqEuE2Z9Dv6WEgjBfStd_bHYaReUfCuhS0BYNkUcIppRbjL1CP0J9Qndq0_cEteoKLBFPkBGk1mCn5iAIc6bj2MYzlew8g8GxFEZ91LFwTxUCAG2VGpmxkJlEg-eWrSaZN7t4T7I4EPFd0_fEBv7hXJQ-7mszWTEY6eNgNBNqQbgEA7eSkEDq1WERqGeRkF12M6tpITJCJD0RKFN0LGPJnUmFzFk7ql8yO46dq6isotNSyidU3uf4Y2dhB4MastAOuBoY77dbWEx-kYD6z7JjRsfxRWbIof2pq1KZvB3cJMtFHuz-4HPDN8zxbHqq5qFAmWoUCnWUWWSQjasKMh-RQWf1rzBNKEs2X0XqF4gs2ogz_T5jgBLP4Zm1e4yuesRTgMKPTs2aqNR0AzXxXgFM-KSXFO04eTern9d1ndlVyMlLJ1wvfQ9RHxuH8Rew-bzjjjHoTVyVSL2ZxLwDwHGbrk1cW-Tu7Fopk0YEhJOP7VSs_kVxeELG6JR-o_ruSYPEPRCROKVzOV6yH-f8Kq_XhJINOyKp9XdjU1UivNLxE2g3WE3MTeiWG-Afof2ztw1AbjCzAyIrEsbkuhoWY1iE7gvuUIh7PIuEHEVGB8a3DkURR4qQ09_h3P4Y9FRI8rWhD7V0IqwDbCwkSb4sF8HsRT2LD0bc2uMxzoPqQAjpJd4Tt9OvN8PLCBt8vjwL6btYEqlg883IkB8ON9bG4vkwDv0oaxD7kUMRj9I50ZNFczBWFIVhiiXp57fFsRYw_w4vjhQWnhrk1H36eK-WjnTLCpm2n1YzFBw0EMPCI3638vhcmQx6QAubyjtIwfyeSgUH-2I2n_n1GnekNisFrWOeRgxmW3sgk1bTsppWuJVacKpx1YHPREnozt9G_azWDtj_XWZnexRnoNAIdCZePATomR6SfXrttsG2Su0OzZhY_x3zsQ6vXDC4iGQl2bbzs22lCcBKK_cYX_z9laPFqjo4pn6WZB1_DmSnCPScWyuHVrBEGerIzdndxtuXwsibAIbagJMAV7TWiwNEd2zjlYTnoxBCBYMs9QgaiOwGK3XgzEclJYgnP8wNcF4gxSGI9Tm2hcJFhWsymfeHCHbnhWaTS2Qtqm2JYC4ORYZ3XoReWliHxzjBNpiaNpf_xvM5EBW_NucQDB-dZA8u7SyoRf33Q8OBgduy6trgxaTBHsG-UfLGjLAwk0ODj1iwrZ0EGdQQhw267iexdWvUKM0WTu5HDNz4cVk1llb58uWIwBYo_r1zRlwCYnVqcndmgJxN48SrV0D1C3DHU_Xed7qw&cid=CAQSPADICaaN0UTJ9tGsOfpah6rwgm3vkdz-sYZSsiSoFl4jP9-K7xJ9Hva-41Mw0vStEEiX7RUTD5ZqRId-lRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fchatliv.com%2F&ds=l&xdt=1&iif=1&cor=17881515775930175000&adk=2988274607&idt=165&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c75166534a7cf375f7963558a6a55858688f6c289c9d200706ce1592669ffe3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 00:16:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
41206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11596
x-xss-protection
0
server
cafe
etag
6499730840814102677
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 00:16:08 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A085 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
63611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2A5F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame A3CD 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90005.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:23:45 GMT
x-content-type-options
nosniff
age
587949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 16:23:45 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame A3CD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90005.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:02:57 GMT
x-content-type-options
nosniff
age
527997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 09:02:57 GMT
pixel
cm.g.doubleclick.net/ Frame 2A5F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAJsiWiM-HVWJ8oyUInJFIE&google_cver=1&google_push=AXcoOmT841qo9GLl-JA0lv53zM7Lr_oYQSv678GKW2_UoG2N2hzPTNNbFWec5Gq8EKCva5fASODNdTBaqnfzHxVtveE8cD2OdRKv
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmT841qo9GLl-JA0lv53zM7Lr_oYQSv678GKW2_UoG2N2hzPTNNbFWec5Gq8EKCva5fASODNdTBaqnfzHxV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmT841qo9GLl-JA0lv53zM7Lr_oYQSv678GKW2_UoG2N2hzPTNNbFWec5Gq8EKCva5fASODNdTBaqnfzHxVtveE8cD2OdRKv
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 19 Oct 2023 11:42:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmT841qo9GLl-JA0lv53zM7Lr_oYQSv678GKW2_UoG2N2hzPTNNbFWec5Gq8EKCva5fASODNdTBaqnfzHxVtveE8cD2OdRKv
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 18 Oct 2023 11:42:54 GMT
pixel
cm.g.doubleclick.net/ Frame 2A5F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEH8wu2rUU8gui_4zDClYEAo&google_cver=1&google_push=AXcoOmShecEak9if5GVIafPsaAe71DzA_B7RkXzsVmO56fzhVRPlEK54K1_npirIua__2qvHG0O4G9Pdaw1bmg...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTYzMzcyNzI2MjU1NDI1Ng%3D%3D&google_push=AXcoOmShecEak9if5GVIafPsaAe71DzA_B7RkXzsVmO56fzhVRPlEK54K1_npirIua__2qvHG0O4G9Pdaw1bmgXCWT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTYzMzcyNzI2MjU1NDI1Ng%3D%3D&google_push=AXcoOmShecEak9if5GVIafPsaAe71DzA_B7RkXzsVmO56fzhVRPlEK54K1_npirIua__2qvHG0O4G9Pdaw1bmgXCWTTInHGoyZ2F
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTYzMzcyNzI2MjU1NDI1Ng%3D%3D&google_push=AXcoOmShecEak9if5GVIafPsaAe71DzA_B7RkXzsVmO56fzhVRPlEK54K1_npirIua__2qvHG0O4G9Pdaw1bmgXCWTTInHGoyZ2F
Date
Thu, 19 Oct 2023 11:42:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
adxcookie
match.adsby.bidtheatre.com/ Frame 2A5F
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEKUmQHKLj9OlQ9AG6ghhsko&google_cver=1&google_push=AXcoOmQYZSyi2vFc0ERKhICYfx3ctsEmVZvDN93aKaGLpwshViR6M8IsAdSwTxs7CMLkkfQbDxKX_TKgdlw...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQYZSyi2vFc0ERKhICYfx3ctsEmVZvDN93aKaGLpwshViR6M8IsAdSwTxs7CMLkkfQbDxKX_TKgdlwACV3pPsrIjq9toZ_r
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_error=5
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsby.bidtheatre.com/adxcookie?id=&google_error=5
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
134.122.57.34 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Date
Thu, 19 Oct 2023 11:42:55 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.adsby.bidtheatre.com/adxcookie?id=&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2A5F
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEFrFO7VzFkFkSsgk5mdd7iA&google_cver=1&google_push=AXcoOmTIf43gOvX9KD7Cp7n2fDQxEZ-gTc0M8LPynnbbHw7aJ6Fq7slPeDaId0p6LBm2vhlcrYNTgkKijIvZkvHd49mR9JIoanwx
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=842309638650&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=842309638650&us_privacy=1---
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=842309638650&us_privacy=1---
content-length
0
/
b1sync.zemanta.com/usersync/googleadx/ Frame 2A5F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_cver=1&google_push=AXcoOmR4sBhGt0A5V_28Fbt8Wo2XqnrqpkpTR1rxbEWch6dpkPyVNsJ061lLzRrRt6otwHJOw7YPuW417PHyA...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR4sBhGt0A5V_28Fbt8Wo2XqnrqpkpTR1rxbEWch6dpkPyVNsJ061lLzRrRt6otwHJOw7YPuW417PHyAZKZUe7_wmWCalTm&google_hm=MnB5UTEwQjYtb1ZHenI0...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
50.31.142.191 Hickory Hills, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:55 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cc.adingo.jp/adx/push/ Frame 2A5F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESENNt6_z4k_vImaTpxT9YWaA&google_cver=1&google_push=AXcoOmSWdz5u0aBb3dMCZNIw6nfYXHG0aH3YrnLoZqqchCqCzYmicWAA4idb0cgm4n265Mj6lIQiamehRBZOn499oOFdPB0X9moG
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.249.13 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-249-13.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
server
awselb/2.0
/
onetag-sys.com/match/ Frame 2A5F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMsTtrk0BZP9iqDQl6psaLM&google_cver=1&google_push=AXcoOmRu5miue4N8MNM0atJcqJ5cO_82NyuLTK1qkW9WxmG0k3VXHNoCT474lzU7QN99KR6IOu2zNQ2HeEA...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRu5miue4N8MNM0atJcqJ5cO_82NyuLTK1qkW9WxmG0k3VXHNoCT474lzU7QN99KR6IOu2zNQ2HeEAb64KWSg8Uexsv_u30Aw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2A5F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JoqSgo7CaY8ZCimle5e6rthnokYrdtTq3j9iNyMy3tgSdSK-ZZ3Av0rcWwDr82PwYhX8YkEg
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dc_pre=CJTiwo2EgoIDFWwHogMdDZgH0g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571
adservice.google.com/ddm/fls/z/ Frame E452 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJTiwo2EgoIDFWwHogMdDZgH0g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJTiwo2EgoIDFWwHogMdDZgH0g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5542191604168.571?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 6953 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe4c075fe2a09268ea78e7250c2b2f8571d8306a0ff692271df3103cf6bd9425
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92951
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 11:42:55 GMT
js
www.googletagmanager.com/gtag/ Frame 4EE2 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9feeab724756ecce456073070084282b5d4c6c82a27dd4a7b7fb609355f2bad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92954
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 11:42:55 GMT
pvClk.min.js
analytics.webgains.io/ Frame B40C 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=53971600077471404445004012482005&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:58:15 GMT
content-encoding
gzip
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 08:55:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
6281
x-amz-server-side-encryption
AES256
etag
W/"6aec565d06e446dcf33391d1dafb8b7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
WrQI8m7UrimyWM46ctHRPsBQsJeSNqbV0TR4ZwCOr4e7kL0TLx_XHA==
1x1.png
cdn.track.production.webgains.team/7121/ Frame B40C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1697716074&Signature=V7eV96D0xRNiOX1ZX3mX726qG~RERya7vBFH3fIrYPxhsfIzDC1Zg~bf3vp3CJph3fIxCISjh4tjdrP4kVxx7LDvwhrMbbw2CCkMPwrGJBqIrlc-A0I2NjnYdcrGgOTE31d~LabbH4tfpY2nEM3Y3tYO1ufSQrmOAyFyx2aXQWZEEg4nU6iV2t9I1PJLVa0nBY4NAbuwEwvsdHwLPvdc8S-OYeaFHhi-~2EE1dJrD8TlAjP82ypVzxEzFxOytotKwhqTZDh7D-~PknSHxjCC3SxvcoAQSC-y2xAageMAFSeEk035CLxY3TU0BBuJHSItxhkgITZX4Gn-YiXABTu~HQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 19 Oct 2023 05:49:44 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
21192
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
YRxhATMbRHeHfMImXV-9711nf6pk1sNG59L-qRrucfEgUAmfBpuA8w==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7EEB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
597203
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 13:49:32 GMT
expires
Fri, 11 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/ Frame BD69 		96 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b23d1943800e5bc093e49196170e67ac9fb39a3e8012275c8bb051ff9fbdc976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
22120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21520
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:34:15 GMT
expires
Fri, 18 Oct 2024 05:34:15 GMT
last-modified
Wed, 05 Jul 2023 12:25:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
pvClk.min.js
analytics.webgains.io/ Frame 543A 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=71658000069294604445004012482024&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:58:15 GMT
content-encoding
gzip
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 08:55:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
6281
x-amz-server-side-encryption
AES256
etag
W/"6aec565d06e446dcf33391d1dafb8b7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
IMCHu7k3mLKVDxdGVYvCLeec9DNQhp6xNE2nURzKR6TeGllrZAJDyA==
1x1.png
cdn.track.production.webgains.team/7121/ Frame 543A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1697716074&Signature=V7eV96D0xRNiOX1ZX3mX726qG~RERya7vBFH3fIrYPxhsfIzDC1Zg~bf3vp3CJph3fIxCISjh4tjdrP4kVxx7LDvwhrMbbw2CCkMPwrGJBqIrlc-A0I2NjnYdcrGgOTE31d~LabbH4tfpY2nEM3Y3tYO1ufSQrmOAyFyx2aXQWZEEg4nU6iV2t9I1PJLVa0nBY4NAbuwEwvsdHwLPvdc8S-OYeaFHhi-~2EE1dJrD8TlAjP82ypVzxEzFxOytotKwhqTZDh7D-~PknSHxjCC3SxvcoAQSC-y2xAageMAFSeEk035CLxY3TU0BBuJHSItxhkgITZX4Gn-YiXABTu~HQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=71658000069294604445004012482024&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 19 Oct 2023 05:49:44 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
21192
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
UDxQ8GvsHNmX9OS6o-2WQJqharc_2sixV8K-_rcBvrpdF5pJm9IiJQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D70 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH6egPhYxZcP2FY-GjuwP36yj8AQAAAAAOAHgBAI&bg=!ZWalZinNAAZy-tsgUvo7ADQBe5WfOABs4Sm9ftA4sJsZIJmgl7Fi8-6MhZBwZ7D7tkml231aGq0y9b8ds6FqlHvOaTq3AgAAAS9SAAAACWgBB5kDQrBD4_to0lTAaEzER7SX7-wIUmew9Lg22WpppF4wt13NmpnWkAQ7s03bOz-BIdUb_UmZYVSZqRx4w99f08UNkuM2KCHAwou1cfuzx8UxK756IG1PgHXeEL8pbiISmBAlBahQmOLfGdBwVojBQmXsd4YNzQNJbWR55D1Bn9nPVy6VsE2kDdcR_71iCUXVZzyWAHRrsgAPwOjPitoSq4DVashxXjb9V3BszwCreSauO4gKCdNhgydUmhK1o6pUATlSrJPcpcQ5REvW_T5xg2RrDCd2JhDmjcKHFgRxHyG9MFAXe2A7ysL8DZ0BMPXNORB9LAcS_J8g3P7_GAwYxfdAOYUTSX2EkexRG0Vb9IJp6hSP15weNPPHnmcSyAqvKx3bfbj0eQIJ337mjg7KUwFvlGW8BDDhN__SRqBq1nRDAVWjZ410jIETAJoqTkbjFZro8mJdfvFfzPziSJBhkc11ps_oSDoW6bFzg0gGoietdhSIKTvF2rivqSbTRsI4PlHyUPSmRnFsDzjoqi_9JvTy2z1pue4j-Uo3GdpR-0diIHI88WgNvcvMzcNKl9TAn4_g5jS1SdAxuZfbaF5RItBeqJS5kjoQMi4GbDhCtLDHNtvrg6jTKvBMXEfTlpKMizKawErDyN5nvkCMUFVztf_QP9Iq_zZhfzeAtQTlcWuEvAhpZu8fGnwlIluO9TEtEhgfqdhsB0GCYCserTaSnkurVUoov9y17CTUDUFigtQIvcQ_yBPpyVSzu-GasRbyAtKAhbc33pFZBl69Wq3rUwJunh3p-t_LgFuItkRNH2paQ0qreM1QUG4yfdg8EoSkLZ_LLEOEhmKmOf8-rQiEzNtOmEqzt-iVRTZxRPfIkWeCNWV27kjJnFvt5jwNmJS_tdSP7DQDqVGOrChByftohXMCI_6KZqxf7OgT-mX11lDWgkpyyNUfvGJ9U4PN1ba7or8TM_8fNci-Qn1IiTLm-YB7Xao0RxBNjWNvpB6XIg9oO7StOPLV9XgAts3qL6k0609AUhKAzSrxH3_HogYURmvOcuu4ToIGeojkyT-lgSkPhZgB0LrcmyDmrota7dPA4dd9Uc7AglSt03bi81TbsI3W0kUbbg
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CAB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMyXkPhYxZaCGGo_B9u8Py-aKoAIAAAAAOAHgBAI&bg=!7O-l76DNAAZy-tsgUvo7ADQBe5WfOM9MzYfuoa6IzWJiOURPZyCBbngC_LngDT3Kej7UXhbRfPrZ06rSX2_KmqEtUv9bAgAAASFSAAAABmgBB5kDM-IzzZqc75E0mJ2vFXkQZM-x0x5Eqvjkq6D8ymxGAfYJvbNqrFgjba8-c3v-8BXoXk7xvDyN5V9eM6-6jMrBMm9l4OiXiEYEH6Z7rzpExL8n3k4bZpn3pe6k5ALAjfUzLfJl4O53IKrsj0pB_hPKTqvdRh7k0Dv9dT0tcMYDtT_caANSRnPfxpAHCW9537e3FMw3DLND9bUGyGN32HtrjfxiFg1UaWutLCD2X8dNc9bkGrNJqQUWr6L9dkw2SUgWDQ1fs_Bl28LrFAPmfnoEm0Lx6XqbDdiKL5egCuMiXTK-Z0Swtbyf46zKVfAzWWHBWzWL9l1AAYqc-OaIXharl-fm7ccyWio73YmmNWf58uTvoBuICHumOwdIctQZUAUDJFS_v8UmX6rIwNkEVqlXL0FfKSP1WPxriWLBSJIROuoPbNXQ3ZwN0asVz7b1XmRf3YnihtStPp2lea5anbsTHpiQcEaaDQm0SI5fBlyvwUgQUvv3pWLKIoB0IZ1E44D6SxNWHVx61UZOuRAkTkcJnUjGiJrLnz6dMeSNFXMY97Dm8mjxFVleZS1GSWkfJ0dyp73YTV2-5jd5GIjx651xqixRspUGNcq0DiSlUjC38B283SmzPKRR1C5hEUS7mL2LYnCMmReiBfpLO7vssVwI3bauIpZ1kLLBqyEbxrFMewfn1K_uV_vcj07DYIlPkDdgym1NlS4RrUkvF7W4EMkQ4kWa3SQJhwmXfLQvFelT8bi5I6lSACnIgUBgMpyqFvsyQbE5fDmhJ9aflf9NwyPw8DcivaS56HBeoaYwia47XzHyNtm_Psu2OjiOnxqr4pfYZ_6ZRq7syU4YBTZ3_k59Od0H2dKbebjVR_j17MS-F5K4CfwO4JGfbwED40brnlqB-yeDlZjVRsIlcUmplUTbUiuNNu3SPF4XgmtKXLAOJq8kWiRyw1eoK4id-ofbEKFtyd55tKodtcyUHQymV1kGfSN83rpwTHzmYSNlqpwkoY2C8ITaF4z1oMH76S_znWb178Trvnsyhjqfg9hMFRAwraXXhrn1Wzb90govqfxW-TLHq_VwYSlx7lAVegkuCGyDUnnX7Q
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame BD69 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 07:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Oct 2023 07:13:22 GMT
main.19.8.439.js
static.adsafeprotected.com/ Frame A085 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20606889740&bidurl=https://chatliv.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hdWCxkrVZtYTNcGeJmIWV1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6127199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
qWFTtj6kLZf3aQKrstbvnKVsLN3P-FM1wEjf3jb3jJzk_SgZw0Adgg==
ts.js
cdn.retailads.net/ Frame 5E18 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748771
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
ts.js
cdn.retailads.net/ Frame 0CAA 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3213748772
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
pagead2.googlesyndication.com/bg/ Frame 7EEB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
49529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 21:57:26 GMT
skeleton.js
static.adsafeprotected.com/ Frame A085
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20606889740&bi...
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Server
2600:9000:223f:d400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
23874665
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
4ENKhUbczAzis-h-T7uMmZFXDNWNn0jOXpe-0anONke5fdACLcchXg==

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
nginx
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2687 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2460825
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
-26qYOdB4OqU7kChCaOOWzIJATu-FORawgBJRcDIggIYvzHtx5MCdQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame 74D1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwvgD9SAZILDKJ0qT9GUSClNIAFEwUgxyG703HOGEtgDDgUbvjg4hx8VcxIxG7h6zUNCkzfHTSSfJr-aU-oB0V-DwBu57IX7To2_6ldV4ErD6GZSUd&sig=Cg0ArKJSzB8_xpiZaOInEAE&id=lidar2&mcvt=1090&p=153,947,433,1567&mtos=1090,1090,1090,1090,1090&tos=1090,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=725991170&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697715774162&rpt=122&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame A085 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=e1c3b2a2-eb3a-e00f-209b-e68136c3efe1&tv=%7Bc:ruD13A,pingTime:-3,time:275,type:v,im:%7BpBlk:255%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:231%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:276,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tT8ens3+11%7C12111%7C12112%7C1212%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a1*.1350098-69352127%7C1a11%7C1a12%7C1a131%7C1a14,idMap:1a1*,rmeas:1,rend:0,renddet:IMG.us,siq:232%7D&br=c
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6748:a747:845:71f5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame A085 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=e1c3b2a2-eb3a-e00f-209b-e68136c3efe1&tv=%7Bc:ruD13C,pingTime:-6,time:277,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:277,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tT8ens3+11%7C12111%7C12112%7C1212%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a1*.1350098-69352127%7C1a11%7C1a12%7C1a131%7C1a14,idMap:1a1*,rmeas:1,rend:0,renddet:IMG.us,siq:232%7D&tpiLookup=ao:chatliv.com*%2C4c560110518f56e101f4975428091992.safeframe.googlesyndication.com*&br=c
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6748:a747:845:71f5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame A085 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=e1c3b2a2-eb3a-e00f-209b-e68136c3efe1&tv=%7Bc:ruD13Q,pingTime:-2,time:291,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:620,beZ:621,mfA:811,cmA:812,inA:812,inZ:816,prA:816,prZ:844,si:852,poA:853,bl:876,poZ:876,cmZ:876,mfZ:876,loA:897,loZ:901,ltA:911,ltZ:911,mdA:622,mdZ:712%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:231%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:291,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tT8ens3+11%7C12111%7C12112%7C1212%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a1*.1350098-69352127%7C1a11%7C1a12%7C1a131%7C1a14,idMap:1a1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:232,sinceFw:58,readyFired:true%7D&br=c
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6748:a747:845:71f5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activityi;dc_pre=CKGw6Y2EgoIDFa4PogMdXRsEEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622
8019191.fls.doubleclick.net/ Frame B135
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKGw6Y2EgoIDFa4PogMdXRsEEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622?
391 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKGw6Y2EgoIDFa4PogMdXRsEEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622?
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
aff0fb26744088a8466cf3b224307798d77604febac5d15b0e8f5d95c73722fa
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:55 GMT
expires
Thu, 19 Oct 2023 11:42:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKGw6Y2EgoIDFa4PogMdXRsEEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900024.redintelligence.net/ Frame 7FD1 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request_content.php?s=71658000069294604445004012482024&a=b3e8e188
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
afaf6f67cd5bfa85068da5474318d3990df08ecc058005187c21c8bf59263f0f

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2080
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 11:42:55 GMT
Expires
Thu, 19 Oct 2023 12:42:55 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 08D3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 543A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26351dc9b44473c542319e9cdd891c0537a64589a7cc35d59f9b9a60251b0cd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
all
csm.eu.criteo.net/ Frame 45AD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=RuvXT74Adt7fC6NOZyQHZPZeJYKTC4zqhuN_yD4voMH2SOTnXHFzz7vcC4tjI8RPHE1Jo26B-BYPhwwKa2UVeO6O4drYD-te8WV1LyitF7lGhpHbH-X7rTtQ7tWzwY0WTkN2F0bKXK5BbdkS19LgZFnSKiSWkx1Fb21YAGYfxZCw0M20edLYz_qRvmWeGzBj_Rbmu1iJ1iOVWc3gK5tDwFkak4HPQaO3WQmk1lt6QY7J6I9g02DSls13tcRztccF1wVcGA&sds=2&rev=88955&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTEWPQANtA4Iu_F7AAy-6xUS7U914jMZEILSqw&u=%7CBHaTYTW3C3Ag64ccrjMN7XkrVx2Z%2BNPWCeCcpKUGgfM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcMVD-W-zVtgBRWMyk9tJgq5-9NYrnER9uu9XY6yMG7sM9mHd-yD1fz7bcTOxz_adgA4NSr9fuHb2EwT5ATGtQL8ApFhY-yWGBZBwtEE1xihLwSgCM925-WnNenWT1VsQ415f4_S38BJSF0yfULSULdJBbmoLINfp7hIsfhvzac6GpluR4w7cE_ZLyRewcXYPvwYQqVxN6KhTkUNW0ycKjnynfvoKsCQKs1fRVI6j15Tli7ws0ITNzwjqWz41aXdxPh650xbPkSfVMO21htzIvHwp9SdzAU9gVhWOj2hGYjmt8mZMD8FWlcAeJA8My0IFlju65zm7M-VHpbONzcAuA1dOS4aMcIj1fE0XryTKoqXP28A6ohoo7xFSPuYJPn_n5GS8EE_byOaIvmVcXAZtuUInBR-5mHxh6oeALAjOy_etwpdgHBwcPI8WlfUPS61TytUhb3mbVKgQB5lUKpMGv39Ym6R09S6UFvoE1Dx7AEDicT9ZPZT_zK8kERjd8N_0rHggy90H8or2Xwf-ChJt0MLpT0IUG6jiey-87c0C8-gS2DPL4Nv_iA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEGsKPRYxZY7oNvvi7_UP6_2ysAfJntKxXJWil_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAgcdnBngq7E-4AIAqAMByAMCqgS9Ak_QMAM5XQrKONeIHG3NyUJHvZPW2dzhp8XM7RtDFHYUSx4ibvwhHTlsD3XKzeVoM0iqfdrA6g84XKX89mibIrpMRGEjUOFowadUC2hV_KYMVhuYt8QFvM3Yf7Mm9_S0qLj4_eSjKXWy1CCqG7vBrqOovN8Og5HlEpK2FVmwmeQYSmgiYLMXwIiqfXmvtpuMQQjQTHRNtKIHY9Rrp1cm-QiyMq2X1SGz3Y3Hmvg6JDN21amxOiYow9uOCByNczxbyF278zn6jjy6PYVciLmr9PQa-y4op1wZrSATexfHeNLmOzL8byh9GlYVzCdg4lCqXAbrEsE5Hau0IcTvpXokq3qmFffIcodiDyE7nlM5eNL8x7h4tdIvqVdkm5IdwEzAMKKT4XjlcSVVwiWVNhTZpxQemQEoZevvZ11EcmAb4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NzkwNzgzNjQ0ODM1NzYw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_39pVIEQ1Sas1oaKf_V_c3NCHZBMg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 11:42:55 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
css
fonts.googleapis.com/ Frame 7FD1 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=71658000069294604445004012482024&a=b3e8e188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 11:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 11:08:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 11:42:55 GMT
/
hal9000.redintelligence.net/scale/ Frame 7FD1 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=71658000069294604445004012482024&a=b3e8e188
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
b12d5fda7a7b63a9e7cbbaeb77b4bc896935b716882c1f1d9beca4767b5de2b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:55 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
47341
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7FD1 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=71658000069294604445004012482024&a=b3e8e188
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
0ceb0cfb6868813119359bcdbe7a2e523c8c07b48836125b0c29df1c51c65568

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:55 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
57893
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7FD1 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=71658000069294604445004012482024&a=b3e8e188
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
5ae3fe04e1d5f01cadfdbc44f5ec8d276a7b3b5cbb89d63a817a8e7aa730bf3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:55 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7FD1 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=71658000069294604445004012482024&a=b3e8e188
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
2d7bbb97a99c97519564b269a5d09f3c56104db0f64f5fa65bd7f8443807cc08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:55 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
37454
Vary
Accept-Encoding
Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 08D3
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAJsiWiM-HVWJ8oyUInJFIE&google_cver=1&google_push=AXcoOmRcBKuLkXSG0-U1vdpviQUP_theekjuQtS2KC8Kyb1l4l-4DmHl-UG1P3INnupsG0fziLVU_6krmc3aMLWSP5FDzb3ahFK_uQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmRcBKuLkXSG0-U1vdpviQUP_theekjuQtS2KC8Kyb1l4l-4DmHl-UG1P3INnupsG0fziLVU_6krmc3aMLW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmRcBKuLkXSG0-U1vdpviQUP_theekjuQtS2KC8Kyb1l4l-4DmHl-UG1P3INnupsG0fziLVU_6krmc3aMLWSP5FDzb3ahFK_uQ
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 19 Oct 2023 11:42:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=75F2C2D3220245EEAA60080170F4B7A2&google_push=AXcoOmRcBKuLkXSG0-U1vdpviQUP_theekjuQtS2KC8Kyb1l4l-4DmHl-UG1P3INnupsG0fziLVU_6krmc3aMLWSP5FDzb3ahFK_uQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 18 Oct 2023 11:42:55 GMT
google
match.adsrvr.org/track/cmf/ Frame 08D3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHtLCMMpGcQJzNTeXk-Q_IE&google_cver=1&google_push=AXcoOmRJVOrZYxdl1Bafu884OkfUPRgJ7qB9MC5i-Ooxm9Ce3KGz96eNULhw9Yozi5sXl-LJ4gLg-bhh80DlwSCaHJBEmeqoMoR3Yg
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 08D3
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENIq3FZwvd9acw0m0kAme7I&google_cver=1&google_push=AXcoOmRQClpSGGIyxM3tohYN8daQ-RsQOf1iMPyDCTezXsXtVKDSawj355H7ZWPO1nwcVrYfoKNM8lxdZUc-h3qiAEDodkz...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRQClpSGGIyxM3tohYN8daQ-RsQOf1iMPyDCTezXsXtVKDSawj355H7ZWPO1nwcVrYfoKNM8lxdZUc-h3qiAEDodkzXGq2p
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRQClpSGGIyxM3tohYN8daQ-RsQOf1iMPyDCTezXsXtVKDSawj355H7ZWPO1nwcVrYfoKNM8lxdZUc-h3qiAEDodkzXGq2p
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRQClpSGGIyxM3tohYN8daQ-RsQOf1iMPyDCTezXsXtVKDSawj355H7ZWPO1nwcVrYfoKNM8lxdZUc-h3qiAEDodkzXGq2p
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
/
b1sync.zemanta.com/usersync/googleadx/ Frame 08D3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEqom8teaHOgGjVcXi2MCVY&google_cver=1&google_push=AXcoOmRRLLcXUKxsT1hKAdw9fdlieFcUwD8Ip0x7QJoEKqrTul25Kplff03KZ5Pwxm7TWYUYUMXIT2gT_aKEu...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRRLLcXUKxsT1hKAdw9fdlieFcUwD8Ip0x7QJoEKqrTul25Kplff03KZ5Pwxm7TWYUYUMXIT2gT_aKEuOVJ-1hY4u3UqDwM_A&google_hm=MnB5UTEwQjYtb1ZHen...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Protocol
HTTP/1.1
Server
50.31.142.191 Hickory Hills, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:55 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
sync-dmp.aura-dsp.com/match/ Frame 08D3 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 08D3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-WQomm_fkmUCXJOfVIjzOVZHpIUy6iiiLgW0gEDuy5pE_AqNwos3TOAoq
Requested by
Host: 4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900024.redintelligence.net/ Frame 7FD1 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/viewability?s=71658000069294604445004012482024&a=b000ea89&vb=m
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=71658000069294604445004012482024&a=b3e8e188
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/request_content.php?s=71658000069294604445004012482024&a=b3e8e188
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 11:42:55 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
dc_pre=CKGw6Y2EgoIDFa4PogMdXRsEEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622
adservice.google.com/ddm/fls/z/ Frame B135 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKGw6Y2EgoIDFa4PogMdXRsEEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKGw6Y2EgoIDFa4PogMdXRsEEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4761059183647.622?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7FD1 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900024.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:23:45 GMT
x-content-type-options
nosniff
age
587950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 16:23:45 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7FD1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900024.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:02:57 GMT
x-content-type-options
nosniff
age
527998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 09:02:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EEB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPyWrPhYxZbPWLsSdjuwPkdun-AEAAAAAOAHgBAI&bg=!YmGlYS7NAAZy-tsgUvo7ADQBe5WfOHArRL4trO1TCR9Ff9O1jG3xgpi-jyYZN08hvGUqppoR710gCQHSfxC1udH4rQwwAgAAASRSAAAAFWgBB5kDgFrvaPNO3ZQRpt_sTh9LUkDctkncaJ5xGFAmak5DVQVzgC2JaVTH9Jm_TuOUO9jxwx-HmC9qGvQ8ejubQTfnE20N2ZteyH3tfrAT0FT0zcFnE8z1_71bkVg0iRk9k4fTUMv8QsnUy1dRGv_r1lRzCtNtX-51NwOX8q8CdgaPQiHg3JSMdJrCM2O5_rX6AQCsG16fQPTbvDPzvtT1rTIYeI-CdRwszTc48Z716MUfT-TIFz9QCatGLi4ovCDSejkQkEw0b_Wzp7vJowWPufVeI9PLRcRP3ZsAu7-ST4IjJUyinp6AGJAwoOoBVEgXANry21vpwc5_Cg_8NOel03nDCQ8j_T_sbxcq7Yc-E69y-v0x9ArTYJ6w3XREd0qMbOsnSl6VsxWVoL1VdPp4MGuAuAN_FMM_zyTvk_cPoxCPEej2Li7DXP89_-5dxahUhO04giaXgWPEoKR99TFD-OslR3KNpIUyZ2tTc-r5ox9udIG6k1PhoZSTzM_KRa2sfkU_vz4RljPABG65LvSObkMwj1pB_AxmrdqjYBIRVpu-FIrikqDQHuf6FcyAAllLQS9UbWPnb3j5xBGpbbn47Xutn2be_PxLwLJmWibHsiTyBWG8gDZH_vXnugUNMFdin5IjoaVAL3ikgdnroFr4xyzXFcgA85VpyleX1_6IHTcLv65wFZ56cYzoAhIkArrqhERzAzRkYCBObiDumVwuj_ODRpTGZG2hlA81m1NXzWFsEhRC5LSkbeZYLOpKsS78wWlxasCdAAOS1o-4m1GlL_ztRGsMtf-hIsS569dBbbrD17b1QZf-dlQm8QprnMpJ98UN2a9dQtyKkrvT0jFyjhtDBxUyUkvp7QRreBcbTEnlV8zy3ROQByBeLBh5Jg_HTxG6kdwFR3SUXzWQfYARJmuyE_OoTDQWHqeESlG8gl1YcdFXk-rasVW1_JeFK9tNCrE96gg6cwjxrZX6MoyEhP9vatcqG0CoG0uZQihk5IPkWHUcC_U_4EmdgsJUV12HW5clatwLasCaQ20S2FeBAaVSO1-8kk8NX_QsQebff6OebWj4k3_nkgXEZY3ql3URh6qSQQq37E2s-OhCCnysasQ-6wxNmnK32IaEwYUsVZ95zCC5NQ_MVI0uQvDTmocgZFnhMACH0Q7CfyfuYOJQk0ptmlwyfraLIrtHK60QDniWZPbb
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame A085 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=e1c3b2a2-eb3a-e00f-209b-e68136c3efe1&tv=%7Bc:ruD17g,time:503,type:e,im:%7BpWait:14%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:503,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B310~0%5D,as:%5B310~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tT8ens3+11%7C12111%7C12112%7C1212%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a1*.1350098-69352127%7C1a11%7C1a12%7C1a131%7C1a14,idMap:1a1*,rmeas:1,rend:0,renddet:IMG.us,siq:232,sis:311%7D&br=c
Requested by
Host: chatliv.com
URL: https://chatliv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6748:a747:845:71f5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0352306366460691&plah=chatliv.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a5c96f93e814c10b43494ca83a719fa0e985477d4ae3c06bf63c1d68cd8f65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12252
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame A085 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=e1c3b2a2-eb3a-e00f-209b-e68136c3efe1&tv=%7Bc:ruD18K,pingTime:-10,time:595,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697715775722%7C%7Ca74045d1e692e7b23a55f04a4316d10c%7C%7Cafe098ab9930c31009b81b3a08e6b29a%7C%7C9d15a8674ea08f9e7488daa9edbc6b1e%7C%7Cfe3bc0527007089a4235f77213dff762%7C%7Cf1ecc3000ab7eb40c483bc4b61387c94%7C%7C8735c4a91ec357bdad983e2ea0b7bfab%7C%7C92b70578da741467518bacd29b027da2%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:6748:a747:845:71f5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:55 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0352306366460691&plah=chatliv.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 11:42:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B7C1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2255
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:05:21 GMT
expires
Fri, 18 Oct 2024 11:05:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4C3A 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7e6aecfabc4bba0bdd44ef55b557ecf72680d7b7d1bff71e0061a7f374f2e58a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sQpgKHQ5IJ7gkS3msB6pig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chatliv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sQpgKHQ5IJ7gkS3msB6pig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 11:42:56 GMT
expires
Thu, 19 Oct 2023 11:42:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-194.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 19 Oct 2023 11:42:56 GMT
server
nginx
tracking-event
api.webgains.io/ Frame B40C 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-194.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Oct 2023 11:42:56 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 543A 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-194.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Oct 2023 11:42:56 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-78-194.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 19 Oct 2023 11:42:56 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C3A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=2038057386901026&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame B7C1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
8576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 09:20:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A085 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=529940404343&version=m202309260101&ct=76&x=1&cor=17881515775930175000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame B7C1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?cqaN_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:42:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 543A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8601019939336&version=m202309260101&ct=77&x=1&cor=17942352128628904000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B40C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3871024961264&version=m202309260101&ct=77&x=1&cor=4477964504335245000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 11:42:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=2038057386901026&bg=!cXKlcj3NAAbFpEfJ5aQ7ADQBe5WfOH6d8xbMAciSDQF0tgpBMKgM61oHSvq1jrB7yzoRJ0nUrLsqAoZcBFKiyaqe2iC0AgAAATRSAAAABmgBB5kDBpGtDuaDTlJMDCrJ1wU0EJrQe_UrQ9BIb1UNGv32zyyC-8FjyvWnvTqOe2BuLIgTjKXfpqZPokyDF0pLuUeIFLEPes9s6W87s9XmEzuiBfIvqtCQRYoXgYEbUTYF7gzKAYogch__c7HBDb9bpQZ5P7SLwLavCOaKE8Rgm9YfM26KQQcV5wZuIgvQK_0YLVVC6tuhb-86ukbNaFRRC8y85UqqaFdEGkOYYPuH9sF2i6M99r4p9k0llq5pwoB625Q66Q0GTLipVmP0XPJbsgi48jskUyLmnjEivI8TyvSS4L8VNEx4S5GqqZfXDxd8IfUbuIWRHdhP6cPkFaLwXueaAJSgYfyyy-EUFczMaWVEPoBeddPyABj2GRyZ02qgZKoXUtj4Gf4Nj3ZA8XTtmGEeT6y-oYGXE_Zuw0X7p2IhbuqUFleHJ8wVJSY9jJfqyZwKX0LOhccm-OHVSIoSzXO_4-cU7tQDa200ZOld2YDWJEH23IIRMd1aIzLW4lw0hORC95krlBzu8LrXc0a_5JQINYj6PXcKKxbRxo4HOLWcO7SSo1P9lbmjOMPTwAD1nmk_ovPEOz44e1POv6W7TN1CNnApD3HpJIu0MYc1WTpq57kjYcB-gOJTwSb5N8gFzByvGkBf5mYiR38auwKsuZiErbvQVhkzRqnue9gCzSVgvnxGRXF7ndCkIDS8fIiUsy5dwNZjtELR8k_kJIL5zLL58gXeOO_iSFV8DBPgBqdueoPZ_qoQ-w4XNPGA2pYtiPsJDawmSi1ud_arMqiqawNdNbpZkT47EIqYzt-A5_4ApQ1E0loT0goRl6kzVAcR6LMNQTLyyUSM4dpSGlP6b0MPDxU2TuAKvToviAfA5zCrKQhSVAosgc55sVvViYJmBNt41qoVodSj-vavgsPecKKv8t9I8qh2aOL6sJEbKS1Hg7U8LClpRjTT4cMd2BscL-7BXkrCPP6FqkXvXmUIh6ENPuYp9386WTmOIkS9o6OI80hlljPP5RMIlWnFY02aQuhG1U7ZH9uZCA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chatliv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
event
notix.io/ 		15 B
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://chatliv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Oct 2023 11:42:51 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chatliv.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://chatliv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://chatliv.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 19 Oct 2023 11:42:49 GMT
server
nginx
event
notix.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://chatliv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://chatliv.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 19 Oct 2023 11:42:49 GMT
server
nginx
event
notix.io/ 		15 B
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://chatliv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Oct 2023 11:42:51 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chatliv.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESELV4g2Eh9VTJaBMDmohQFJw&google_cver=1&google_push=AXcoOmTMM9z48AXhdh2rMFUh8qTGHX51fwxoPcye1JPIWiASM5T494QzwqmnZ2g0zGsskNihWghjJGH5P2Paj00AETJw7yNwzpwShA
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOZZZTJ0Nxp0LgZlzc99evc&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESELV4g2Eh9VTJaBMDmohQFJw&google_cver=1&google_push=AXcoOmTY-yiCAYSfDZOxx0giO366JrWVIsYPCLtoEmWM3ZSjTlbCN5CdlJjRxMOdK--4-mkVm5Kc4ZL64qhsbqXBpNMifjWoiAQu6w
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESELV4g2Eh9VTJaBMDmohQFJw&google_cver=1&google_push=AXcoOmT4XvNwpWxToeh32AJKktz137HviDRs4rqUO8cwmivWD1ewDECH2XfQtuuxLYxb8Ladlzz1lS5am54v0oWFCRiGNCDWNbfOxjo

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| gtag object| dataLayer object| s function| $ function| jQuery object| adsbygoogle string| GoogleAnalyticsObject function| ga object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData object| a0_0x2aa1 function| a0_0xef81 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_rum_task_id_counter string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| googletag object| ph object| dspbjs object| demandSupplyFS object| _app function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| pbjs object| __uid2SecureSignalProvider object| __uid2 object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_143 object| Criteo object| Criteo_identitytag_143 object| GoogleGcLKhOms object| google_image_requests

52 Cookies

Domain/Path Name / Value
.chatliv.com/ Name: _gcl_au
Value: 1.1.1128421160.1697715773
.chatliv.com/ Name: _ga
Value: GA1.2.328686676.1697715773
.chatliv.com/ Name: _gid
Value: GA1.2.99745921.1697715773
.chatliv.com/ Name: _gat
Value: 1
.chatliv.com/ Name: _ga_WQX66W2TWS
Value: GS1.2.1697715773.1.0.1697715773.60.0.0
live.demand.supply/ Name: demandSupplyTi
Value: e231d3bc-a4ea-4cbb-bd3d-587996d61bbd
.demand.supply/ Name: __cf_bm
Value: OvlOXSmkYB01AcWvXH4jhf1gvU7mZN0Oj2jhIZ_pMaM-1697715773-0-AY4/btF5ICoUkCEuzNhw1UHYQ1jJu/57ZMQXgFgKYBsEPAlCbi/2YisD7/VM4gvfMiPZxXsPc/E0onoznC9A2dc=
.criteo.com/ Name: uid
Value: 9c14ecd3-7d21-414a-9fe5-730b82121db4
.openx.net/ Name: i
Value: dd78ba88-3aa8-404f-97e8-54aa0e3df558|1697715773
.doubleclick.net/ Name: IDE
Value: AHWqTUnT5kmRRVvFGTURoWb6uz2eZwfvCKNnepCaMArYA5pPqs-Uc0DmdwFOfLnuISA
.chatliv.com/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1697715774009,"lastSynced":1697715774009}
.chatliv.com/ Name: cto_bundle
Value: 620cCF9pR0l2d0M1T0loaFIzQVFjR0tCNGtod1JobGZucmZnVyUyQnJuM3FzOHI1UERaNG1ickYlMkZQb1RtTTlORVpCT1lQM3d6eURWVkphJTJCbHo3R0ZlSU9tNjl1QUM1U0JUSVdCaHkwME5rakwxZE10cmY0b3ZubEpKZUc2d3NnOEozQnVsRksxSFRQUnNaajNoQmtRRkc2MllDZmclM0QlM0Q
.chatliv.com/ Name: __gads
Value: ID=c928220b04d1bbc9:T=1697715773:RT=1697715773:S=ALNI_MZG4y9O4ap-e5neHoDZB902p7LSiQ
.chatliv.com/ Name: __gpi
Value: UID=00000c9c850d4105:T=1697715773:RT=1697715773:S=ALNI_Mbt6PMf4GBpEwOcwTRuu__X-Yy-fw
.quantserve.com/ Name: d
Value: EC4BCQGcKoEA
.quantserve.com/ Name: mc
Value: 6531163e-1146a-f8e1b-6fed6
.agkn.com/ Name: ab
Value: 0001%3ALFJZIAOD%2FCSHX03bnmIz3Zyt0SgtuqOv
.agkn.com/ Name: u
Value: C|0CEAsw9K-LMPSvgAAAAAAAQ13AQCAAQpAAAAAAA
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7886308991742736431
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTEWPgAY_MoR2wBY
.innovid.com/ Name: uuid
Value: 2cc96618-7af9-4862-a17c-80f365d718d7-20231019 07:42:54
.simpli.fi/ Name: suid
Value: 75F2C2D3220245EEAA60080170F4B7A2
.casalemedia.com/ Name: CMID
Value: ZTEWPoQokV8Zhf5r42NtowAA
.casalemedia.com/ Name: CMPS
Value: 2173
.casalemedia.com/ Name: CMPRO
Value: 2173
.de17a.com/ Name: guid
Value: 1.19583850015413180
.adnxs.com/ Name: uuid2
Value: 7368330482734532337
.doubleclick.net/ Name: APC
Value: AfxxVi4OYshIPFKABolunA-LO9wdCnpSNJ_vv9Dgb-M5-MHkd1EgLw
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In8:eX)b!@wnfH8K6pQK`!5=E<*L5?%M-f!F3n_.wVPiIJHrht'fb7SB7y?12>Q/>mJr*bpRz*qF1`*b`*c*'dN.
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 8b93e4e7ac7765f5
.doubleclick.net/ Name: ar_debug
Value: 1
.zemanta.com/ Name: zuid
Value: 2pyQ10B6-oVGzr40qb9N
.awin1.com/ Name: awpv11354
Value: 412871|1697715774|a4677791-6e74-11ee-8084-22395667df75
.awin1.com/ Name: awpv11601
Value: 113440|1697715774|a46c5993-6e74-11ee-8e02-22641699f1ec
.awin1.com/ Name: AWSESS
Value: 357526:3266505
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5NzcxNTc3NHZsZWExZGUyMDIzMTAxOTEzNDI1NDg5ODI0NjY4ODE1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023101913425489824668815X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5NzcxNTc3NHZsZWExZGUyMDIzMTAxOTEzNDI1NDg5ODI0NjY4ODE1WDEyMDIxMVYxMjI2MTMyNzAyT
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5NzcxNTc3NHZsZWExZGUyMDIzMTAxOTEzNDI1NDg5ODI0NjY4ODE3WDExNzY2M1YxMjI1MTMxMTA2TVN2aWV3b25laWQxWVJDYmY3UVQ0UUJBYzlIZEg5dEF0MjJYY1JUS1RYRWhBb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDExNzY2Mw
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023101913425489824668817X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&wfid=117663&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5NzcxNTc3NHZsZWExZGUyMDIzMTAxOTEzNDI1NDg5ODI0NjY4ODE3WDExNzY2M1YxMjI1MTMxMTA2T
www.conrad.de/ Name: HTLP_timestamp
Value: 1697715774964
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: CN8c5DUgks4FDzJXoPmxiHc2IfvYHJbPXlvGg2p_JCI-1697715774-0-AfiBerMptF8GKinfI+lQ0tJ8Le0PhV/jHWhQWVvfO8TobefpVlLZoB5g6eVyY5Mq77R5V256rteECk3mKGkuGLM=
.adfarm1.adition.com/ Name: UserID1
Value: 7291633727262554256
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1697715775018,"clickCookie":false}}
.acuityplatform.com/ Name: auid
Value: 842309638650
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRVF3bjGGmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVRd24xho90aGlyZFBhcnR5VXNlcklkWkNBRVNFRnJGTzdWekZrRmtTc2drNW1kZDdpQfv7hnZlcnNpb27C+w=="
.adsby.bidtheatre.com/ Name: __kuid
Value: 7fabc345-bf42-4dc5-810d-ca1d76fbf50a.466929775
.retailads.net/ Name: ppb2172
Value: 3213748772
.futalis.de/ Name: raSIDb
Value: 3213748772

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other warning URL: https://4c560110518f56e101f4975428091992.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOZZZTJ0Nxp0LgZlzc99evc&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c560110518f56e101f4975428091992.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adv.office-partner.de
ag.innovid.com
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bcp.crwdcntrl.net
c1.adform.net
cat.nl3.eu.criteo.com
cc.adingo.jp
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.retailads.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
chatliv.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connectid.analytics.yahoo.com
csm.eu.criteo.net
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900024.redintelligence.net
hal90005.redintelligence.net
i0.wp.com
ib.adnxs.com
id5-sync.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
live.demand.supply
match.adsby.bidtheatre.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
medialead.de
mug.criteo.com
notix.io
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
prod-rtb.ad4mat.net
pv.medialead.de
region1.analytics.google.com
rtb.nl3.eu.criteo.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-dmp.aura-dsp.com
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
sync-dmp.aura-dsp.com
sync.search.spotxchange.com
104.18.26.193
104.18.35.167
104.64.118.247
13.230.249.13
13.43.78.194
134.122.57.34
138.201.63.165
138.201.84.252
139.45.240.92
142.250.184.198
142.250.185.198
142.250.185.66
145.239.193.130
15.197.193.217
151.101.194.49
154.59.122.79
162.19.138.120
167.233.13.224
178.250.1.6
18.66.147.120
192.0.77.2
2001:4860:4802:32::36
213.155.156.184
23.212.201.72
23.32.185.35
2600:1901:0:76b9::
2600:1f18:1aca:4281:6748:a747:845:71f5
2600:9000:223c:ee00:10:dd8:5e40:93a1
2600:9000:223f:d400:8:48e:53c0:93a1
2600:9000:2250:a800:a:e047:753:6381
2606:4700:10::6816:3556
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700:3032::6815:489f
2606:4700:3033::ac43:98b9
2606:4700::6810:5814
2606:4700::6810:8516
2606:4700::6810:c0cb
2606:4700::6811:190e
2606:4700::6812:acf
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::200a
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9a
2a01:4f8:d0a:2321::2
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:fa8:8806:12::1400
2a04:4e42::649
2a05:d01c:1d8:8102:75d:875c:7927:eb04
2a0b:4d07:102::1
3.69.18.113
3.71.149.231
3.9.163.207
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.204.74.118
37.157.6.243
37.252.171.149
49.12.22.42
50.31.142.191
51.89.9.253
52.18.6.202
52.48.43.143
65.9.66.104
84.200.5.215
85.114.159.93
94.130.102.164
94.23.99.218
99.86.4.94
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0445fac7355f5993d6aed3ff6a2b75e8b33fc251ef793f66933fc67e4ddc2c59
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
063b49344ebc1e14a06106269570e1145b4f056c4960820862a097f302eafac6
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bae2bd0224daa9bd1383c4ea423cbc0c98c5f358efa945ca0aa35aa6a7cceb9
0ceb0cfb6868813119359bcdbe7a2e523c8c07b48836125b0c29df1c51c65568
0d1b2086f7aebdbc2ad2f8ef8027fedab2d762bd4884de4fc494ac369f43cd20
0e2f8c21cbfea3e52e2b6b9f3783656232fb21e92f5c665e882887f0b547639c
0fbadc9d5cacf919c695e966d9d47f6fd9040a49cc74c1c9ad961e185eca8a3e
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
10985b55208ed558f31aa58dbee1dfb726eb45934517cf387af98ad9f35d3742
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12d34c45f3a74b3ea714f41d3bca2c8617db45e1e9db1e854fd176ffc5bfe69b
13fa3bb67a02d7e2da3d3c16a6c3296f7eb03ad98656edf5987e7b99e8430990
155fc008867152c45e68a0481738af5a804781993b899ad8e33e7beb8c4bb1b9
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18841f639f82eaa604252597b8934e7c19e16833117d997d660ffb9d818fac4c
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1fe55c7512dafe45f5039562a6252cffb94d16d7d8d72c26b14514015dd601a5
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
26351dc9b44473c542319e9cdd891c0537a64589a7cc35d59f9b9a60251b0cd6
2c9a3433b43f286d98060255b101bd4ccbe4dd7931762d36e2d48575dfe119f5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d7bbb97a99c97519564b269a5d09f3c56104db0f64f5fa65bd7f8443807cc08
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30b837bb1579ae3c129a988062fe1c3550441f778e632a3b43f1cc13196d0b74
30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46406259675de469e6247f61ccbad0cc7aa01113e4ed20dd590036fe4110d3d4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b3b8d497a37a08513b7a3069ca43ad12755983eda42c4bc34364c74337f6287
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9a505804d0f3771196ebff4c1c98bb3b0adb35b3db74f92732fe4129b13e27
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
52702f23e17bb54bef6f342e066ed111297bc78491849a584794afa796510c2c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5511fc0a41b649423fbfa7a2738fb9fc47c5fd4669ccc5fd14186069db3295e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576a70b782ebf6e1ea1eeafdf83769ab584a6b29aaf4716a23eb0f9f9086bfa8
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
59d8b805b12d336d283666c0148287dfd4238f893d5ed7364ac9b542eb160853
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5ae3fe04e1d5f01cadfdbc44f5ec8d276a7b3b5cbb89d63a817a8e7aa730bf3f
5d698efa119f85b20fe4d9a694894014e3197b8e4de7e61d18d27c60eecd9b81
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64cd13477a2cd2e1a5df0cf9e94ed9ac2de98d28cf5554ede3565751f9ca1442
651a16ad972fa523e68024dad0e54aeb66f56114c3c9ce4782f4816f184de7a9
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69c5c03f98c10c968216bf232060f08c5c0e87e648db0e3f13963ccb195d3c2f
6a77c253ce99b99e005fd080095a4bd9b4c9c92a0fec86df39aad10088f60fdd
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73bd736711c3d412b0dad0b87eafb856d1314f544a407b92c7fc91a0f423d5a3
74fe8a97161f9f640e07bb2a6f83420375925cc0cb556ca235f569850e0e4668
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
7a5a6fbaa920c1f326651df1e4e178b20f2da992f3138fbbd43187b8665d8a4c
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
7e6aecfabc4bba0bdd44ef55b557ecf72680d7b7d1bff71e0061a7f374f2e58a
7f579057deb3bdb5df36bada2d710f1c119890f190c48cf517cb3edb9a2ef1ec
84d369847b4e9a82fcd8605f67b5a36a5897d6999fc84febebcb44fafdcaf15a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857d7ceade9f055be3aca7618ef2339d046a61cacd6de85c5ddd02e1d907e3c9
86f9212e7ad9b3a99f333bf01b175a28c06e672256a33bcda8ed043ee5293f9e
87cf89783fc9dcfaa007676cfcf91d891d33848dbbbbb3d72cb9d8f5d164dc9e
88b46bf7392c829f7b71e693d5d13a572564c0195047de15b78543bf37f942e2
8a5c96f93e814c10b43494ca83a719fa0e985477d4ae3c06bf63c1d68cd8f65b
8a80173f1407ae7160a21cfb7778cba0de3c7b194a19c214333b0003e10f2db5
8b27d3253f5f1cc45f8d09c13323b6d70e9a75f50419bf0d3eb7d5413828d037
8cf21af4fc34da81aca551db40596efe60f4cb1abc83d59efcb858cfd8fa6064
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de8dd397686f04d8a72b430344c87fc53642fc0fa7c5e1a65ab3ed01221b665
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef9615b30ad8d3d8e071cc2104757773df7ff0180959eb06539d07ab6fb3f76
94fdf1a80748f8309f967672648d551da22718c6309155987c06f661d504301a
99468f5152d5cd25d574ce20bdd7c23db474de1f6b6f6bdf556dad46c5bc18c4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0eca345d516df2948402419c2b59c1843242bcc86c26cb751721d2f83869668
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71193943da4f3877526c6f868c74c829bff69efae4a45b82b51eed31916dc74
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa1951be15ee6946a7fcf0534027f8349796b93cf89c642f517a8bccf26c3259
ab41a4ecf75f3074028eace042804a243389ce6b7451583651dae18a2dd70012
afaf6f67cd5bfa85068da5474318d3990df08ecc058005187c21c8bf59263f0f
aff0fb26744088a8466cf3b224307798d77604febac5d15b0e8f5d95c73722fa
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b12d5fda7a7b63a9e7cbbaeb77b4bc896935b716882c1f1d9beca4767b5de2b6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23d1943800e5bc093e49196170e67ac9fb39a3e8012275c8bb051ff9fbdc976
b5c1731db6056702fac9554c8a4c7d2815fbe7fe2dcc3a525bad04221df067dc
b9e89eeacee5dd3c042b02f402c7f9ea81f4d90e5869d0da197873bd9eca4b37
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf34ddbe76a040035399fa7bfda8b8929b83455b314325dc98f1a9fbaab0f3f1
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292
c2143656ff8d518def2055791169cca8d732f95d4e7f9b27322cb1f10a139662
c2a8da12261023116512a6e17a604cf92ec0a9208d7f5e449f4d5939c0da03a3
c75166534a7cf375f7963558a6a55858688f6c289c9d200706ce1592669ffe3b
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
ce7dd0fda93cf1b2f650998c54fb481ec7d7a9904c59a00db31682a867778cbd
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d334df00f4c06c653ae77c7d4b57631f288349d9655595f48d8948e551aba277
d48ab111dc64ed74d565f0fb8c83fae300ea8dc01f5b1732b849ee2db2935f8d
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9
d8335bc386e318dd0f2e573e90dae2c098afbc108e89b6d8bcce5538057c5c23
d9feeab724756ecce456073070084282b5d4c6c82a27dd4a7b7fb609355f2bad
dbf894d16c9e6adda881d224b711ab3375d4a988c79883bbd869d7bd6dc9c903
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228
e0e1c23f04fec288a932e9bf8833e4335c7affd4847be668cae72608fad582bf
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e13dbc79de5cd2c08c7aa75030a5da2d9c343c835d6f48b00f323c391ec0c09a
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c02a8ab340265dd18ecec5096265e2f9891f3a1d86d045f73f177fccec440b
e4d79b956a1550d1ec1e4eed8a59841476b4162921a1a62e309c674d4a66bd25
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ec02e2ad1adcee199c99140d30ceac1ee6e3bffabb419754b5b31ac918dcc954
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f1cd63b3eed5a2c158329e8bce4c2c94d7605bd64db801f7af5e6bd0e593bd5e
f3caf8a629cf1aa871edb49135e7edfa2dc9f7944eac5d4da7240bbf4d16b732
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe4c075fe2a09268ea78e7250c2b2f8571d8306a0ff692271df3103cf6bd9425
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2