id.tellows.net Open in urlscan Pro
2606:4700:3037::6815:597d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://id.tellows.net/
Effective URL:
https://id.tellows.net/
Submission: On January 31 via manual (January 31st 2022, 11:42:25 am UTC) from SG — Scanned from DE

Summary HTTP 301 Redirects Links 58 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 27 domains to perform 301 HTTP transactions. The main IP is 2606:4700:3037::6815:597d, located in United States and belongs to CLOUDFLARENET, US. The main domain is id.tellows.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time id.tellows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	2606:4700:303... 2606:4700:3037::6815:597d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
18	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
42	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 1	52.50.67.198 52.50.67.198	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:7a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
18 24	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
7 19	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
7 13	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
24	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
7	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
2 8	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
3	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	54.229.240.78 54.229.240.78	16509 (AMAZON-02) (AMAZON-02)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
4 8	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
8	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	18.66.97.126 18.66.97.126	16509 (AMAZON-02) (AMAZON-02)
8	54.72.0.164 54.72.0.164	16509 (AMAZON-02) (AMAZON-02)
301	40

11 2606:4700:3037::6815:597d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

id.tellows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.67.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-67-198.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:7a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.184.226 (United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 184.30.20.241 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.33.220.243 (Amsterdam, Netherlands) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.63.150 (Neulussheim, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.240.78 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-240-78.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Wuppertal, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-126.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	658 KB
57	doubleclick.net 22 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 91857 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 210157	346 KB
44	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1493 pbs.twimg.com — Cisco Umbrella Rank: 668 ton.twimg.com — Cisco Umbrella Rank: 5586	360 KB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	575 KB
22	redintelligence.net 3 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 32669 hal900021.redintelligence.net — Cisco Umbrella Rank: 243127 hal90008.redintelligence.net — Cisco Umbrella Rank: 223642 hal900014.redintelligence.net — Cisco Umbrella Rank: 298464	82 KB
19	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	18 KB
13	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	12 KB
12	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19799 api.webgains.io — Cisco Umbrella Rank: 60455	205 KB
11	tellows.net 1 redirects id.tellows.net	204 KB
9	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	214 KB
8	webgains.com track.webgains.com — Cisco Umbrella Rank: 44883	70 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	263 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	39 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	126 KB
4	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 250175	4 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 175237	6 KB
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 93683	2 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 556 static.adsafeprotected.com — Cisco Umbrella Rank: 533	688 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028	914 B
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 279	17 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	22 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 14385	705 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 317714	409 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 10678	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	415 B
301	27

	Domain	Requested by
41	pbs.twimg.com	id.tellows.net
40	pagead2.googlesyndication.com	id.tellows.net pagead2.googlesyndication.com d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net www.googletagservices.com
33	tpc.googlesyndication.com	googleads.g.doubleclick.net d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com id.tellows.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
24	s0.2mdn.net	id.tellows.net s0.2mdn.net
24	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net
19	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com id.tellows.net
13	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
11	id.tellows.net	1 redirects id.tellows.net
8	api.webgains.io	analytics.webgains.io
8	track.webgains.com	id.tellows.net hal900014.redintelligence.net hal900021.redintelligence.net hal90008.redintelligence.net d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com track.webgains.com
8	hal90008.redintelligence.net	2 redirects d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com hal90008.redintelligence.net
7	hal9000.redintelligence.net	d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com hal90008.redintelligence.net
7	www.googletagservices.com	googleads.g.doubleclick.net d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com id.tellows.net
7	d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	platform.twitter.com	id.tellows.net platform.twitter.com
6	5994599.fls.doubleclick.net	3 redirects id.tellows.net
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com 5994599.fls.doubleclick.net 8019191.fls.doubleclick.net
4	analytics.webgains.io	track.webgains.com
4	www.googletagmanager.com	adv.office-partner.de
4	adv.office-partner.de	hal900014.redintelligence.net hal900021.redintelligence.net hal90008.redintelligence.net
4	googleads4.g.doubleclick.net	id.tellows.net
4	hal900021.redintelligence.net	1 redirects d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com hal900021.redintelligence.net
4	securepubads.g.doubleclick.net	id.tellows.net securepubads.g.doubleclick.net
3	hal900014.redintelligence.net	hal9000.redintelligence.net hal900014.redintelligence.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net hal90008.redintelligence.net
2	fonts.gstatic.com	fonts.googleapis.com
2	8019191.fls.doubleclick.net	1 redirects id.tellows.net
2	cdn.retailads.net	1 redirects futalis.de
2	skydeutschland.demdex.net	1 redirects d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	ton.twimg.com	platform.twitter.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	ssl.google-analytics.com	id.tellows.net
1	cdnjs.cloudflare.com	s0.2mdn.net
1	www.awin1.com	d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
1	futalis.de	hal90008.redintelligence.net
1	m.exactag.com	d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
1	static.adsafeprotected.com	d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
1	pixel.adsafeprotected.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.syndication.twimg.com	platform.twitter.com
301	44

This site contains links to these domains. Also see Links.

Domain
blog.tellows.net
www.tellows.de
www.tellows.co.uk
play.google.com
apps.apple.com
twitter.com
www.facebook.com
www.instagram.com
shop.tellows.de
www.linkedin.com
www.tellows.com
www.tellows.es
www.tellows.fr
www.tellows.nl
www.tellows.at
www.tellows.ch
www.tellows.jp
www.tellows.cz
www.tellows.se
www.tellows.it
www.tellows.pl
www.tellows.ru
www.tellows.in
www.tellows.mx
www.tellows.co.nz
www.tellows.com.br
www.tellows.pt
ve.tellows.net
ae.tellows.net
cn.tellows.net
eg.tellows.net
www.tellows.tw
www.tellows.be
dz.tellows.net
sa.tellows.net
ir.tellows.net
ie.tellows.net
ar.tellows.net
www.tellows.co.za
cl.tellows.net
www.tellows-au.com
www.tellows-tr.com
www.tellows.co
no.tellows.net
www.tellows.hu
il.tellows.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2020-01-22` - `2022-04-21`	2 years	crt.sh
adv.office-partner.de R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh
*.futalis.de R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2021-07-17` - `2022-07-17`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 48 frames:

Primary Page: https://id.tellows.net/
Frame ID: 4D6490495EEA18C21E0E11FF05819241
Requests: 34 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fid.tellows.net
Frame ID: 35B8AAF77A57D28A3E71FDD83795FACF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: E7766093C9337E48D1B9145F3BE6E84E
Requests: 1 HTTP requests in this frame

Frame: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ADE3FB8628C398B8954E2EE2AF4C594C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7355140920468051&output=html&adk=1812271804&adf=3025194257&lmt=1643629337&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fid.tellows.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643629337691&bpp=2&bdt=301&idt=199&shv=r20220126&mjsv=m202201260301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7118021390674&frm=20&pv=2&ga_vid=1703246909.1643629338&ga_sid=1643629338&ga_hid=1089536134&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31062423%2C31064586%2C31060032%2C31062930&oid=2&pvsid=1609483219590685&pem=761&tmod=322137960&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: 8D00A40751035520AFC9F5D4C91DED14
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1487329921945030656/1vE2_qqc?format=png&name=144x144_2
Frame ID: D380ACEDD19A91E82133778933D9E1E0
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Frame ID: ED4048BB668944A0F3A98DBFF7EAB4EA
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 550E774734D5E4912345162DD6A94F6B
Requests: 7 HTTP requests in this frame

Frame: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 20295B3BF1303C64A926FF387B4DE2B2
Requests: 14 HTTP requests in this frame

Frame: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2AF758C78628D355A8ECE80769749E25
Requests: 17 HTTP requests in this frame

Frame: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A126E1C274F37AF0505053236DA39B1
Requests: 11 HTTP requests in this frame

Frame: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E7D8B508C1D71154B6BEE98C8EE24A8
Requests: 11 HTTP requests in this frame

Frame: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 493A6EBA5CE9EB3DD813703E0A271568
Requests: 11 HTTP requests in this frame

Frame: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5BCCAAD0B87D21C6729765D27E28F77F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D6727DCA0E11518D4C37292C7979A3FB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjc55C_ATAB&v=APEucNUm0jCmvDj9cctZrlIutssTgtzK7T1XIigWA3v85tUhfeTUj4vUIyz3X4tebSVwVNKS-kQ0XrqBBYwoXlCMCPj8BLL64ut-8WBW6EoPJeOGpd8MmH3zlyFSqbfGnjVyi63E2yIOt1_Rj5E7zD_XLkZobT024w9p6dzqCx76dEiF7fp1LCcUn8WH8QGm7FsE1MRg7VBr
Frame ID: AF1F2A5D96719A4718D5136B5B4F9282
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVBRG8W7mX2xlkcfP3evcO06sE3lQSksaxDAKERaWv-2tqKCffpdHjmj-X6Y0mu5HCotqGHn2NpqKZxajQnDoeq3ejKnedvV_Stx4vkmzXCKopNk6xL8Q7fhs0O_6g5_gVCcLKCmOWpI_JsWPmfFp3xi62etnnjQPtrgmfHgYVff0tK4f9Ll5WAe0s3L5ReK79gSx9H
Frame ID: F41015200E1BAA07DD6E8DC952684BD4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVXK1ZRIB41UDEk1c4pq_fTL8A_-2QYmiA9BOSUtpPWowMUKTa2k6WIuPPdMnPkZU8h4_glcDYL-uVq9BJ5c4h55q0yQiRjYFv2vi_3OntL5ux7JpxMMWDjHvu0Ud9Uwtys2JahnTssOoZzrrmNEGgpr0mijC1VMY3h6CfnV0IDMDO6oX8ffC1qYugjGdBwh-BErIIN
Frame ID: 07872FC21EBC07B52AA06410579666B5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3aMyodR22hysZTmGmFj7Otvqj7YrdQxU6fygQ5bA_rYr0VY-9zS6bmkQ61WOeCvpYGvObZkCQMddfFftFMNV-teSTFXmDRbejXSJMLe5HRbYVv_yoR8v5DUwI2k77NM9TRKnQH9k8bg6cvMRhyhtKIzjwyw&cry=1&dbm_d=AKAmf-ANSD-M8pp6Hzs06UXBetNb_BteVC4sQ--xnSEz91odYwSwtHWJBUJNMWLoTsPeHZz4lLGMxqj4u9Wg6ZnWignj2VZPmuL_sqlGLiD9Fi0xh_EvCkgEXLOjenMuShVV0UV5FHEF5UcGx17Nhh-0olJ0EYZtHhElsqcreqatYlY4dvwHaYpJWlyYrpOGe11peBzUa0447Al63-LiTF-YUPFCUkjv9P4JS-kgJfNBTmVZWUkWXScEmiUXU6qo6xJJUthCfIob9mHpOF67dL83tLDjtrJFODFEkTFNksvF1mti4F-R28ppJMmkwRi2Qrt4HhtC0S3fZAsaoBMIWmS4KSmOfwYkxt_kEuvjFuCo1XXUMUo8Zuii6t9V8mpqy0twA5fVyJ10tWRQxtdb5a-TDKl0e2NBSwA7nMRHatXux0KsVHGdoN0u4EMuP6fT2KD7kG-wuOddgY9fnVUSFI0wXPI2gEkHvMYa_9D8y8J6-JqLAEjNNWQRKPjHy80SdipEueI0luScEVAXA846at-uPyCRF6Vvyu_S9RFr2ll12qfrAjc5n56NkK36SUTRhuhpB_i4Nv1urmpdF_77y0yT8o_AUX5XW-xKfr1zR5BOa2M0wLvK3wwppzueI-uNs38reahAzkJWihAqZeLt4gKn0ue1z5JgVJJTq4P3UZpudGIDx4UTMY8Zx8gk1lp982BxPBaU-2p-yoOxhKM8taPgknNzSKyYRdAV3Hx_XLtHZSJ-xJuUE_pbmaZ33EGG6dpPDBebhELc5JmvkGoowTffriFUFNq3bulisnHPqVf5va6MgrgqibW-gMjo-UYrqnXnO0Bdy6rNtbo2VM_uTE5Hd7Hd0eHpw3ejXr_fuMvdM55WHWd54aRvKQeBH7TgluzlhH4ouPQWq5riMdPIQmoX2rEVyWGpQo9iD2zoQQ9TiAaGRB46zvQN3Hd7Vhgh9Ri17zwCDO0WlAILuGAK0wwS4GBcUBhCqFOuMj8ARx921ckB3wxHR46PZWvqtfQJBCHL-uz-XEv2eMkzjK81kQ92Esjkl4RVf-sYd3JP9SVbOl3vHVu7ORwLp_5IExRG_XkDYWrfS60TBV4L04Z2gm0y1UVrCwsxTcieYx8M8nFXI5kV8AuLhg7KI2yN2yaLkQM8rLmicxDZyT6M5udf8dWsYpFQwjJnGFgSQIkVncNIF-WQJYfJ0Ve10EZE33Bi5iL0aC3-3IhIO7Vk6Z1NwDsBLztiWLEuD_L0sHDnM0qocN5vsxzFEyYpHnYywQmDhHo9BaE-oN2Oq8MppXfv2NkM-jn7JPlvwM9S0urucW73lbyBttooG7YLQAZq2eaknTLT4G9CH4QaewtAAs9fcbBpMd9FTCO4f3082l6TvuJdTtr83xuP2RQxM41TDo2k0SMO1QQ9tKLgSIq_mwOHtuSAis1No044ljtUvF0a5scR8BQWrbi0UqGl9zxstvw5p37FuPkCQCbiHIbkrgbdemlpjxpuiPooYSxTGE1VXOFLLR9waRHJNJG6Z7m39XmczhNJmvPhb7dEXm3IXm3urqjvBw2005GAt0D1qaJJ3rVBS4YcPBSvlRVkMLivyETKQeRmLlOfDI1_dRWS3Z6yvnn312N2KF_jaAaAjT3bLo6rz8PXORy7O64QjWWpp5xmR9m1wO2U079X9NH6AAOlEv6PVlwpLWxBco6ROTmZPngDXgwkcYUCdAhhcxT8IXcE81Sv0g476WNtEhvf2ut7Nug0uY4uyRobFzWygXLxqRQiEVlxLp-t9HiH0TcmkIF7FtD2BSrqTzXYMlemfUVj21th072HixKx1-728t065cDP5pl00g6hVmXfwhPq6S4hziIabvYyuqN3Sfw2CcoVXwuz8VGF5TGECINlPeWkcttJk5cgUNNJb95xlQP_9jrL4hVTjfJpQlUlTHvgZ7xPDoFmaJDcF8MP1LgKUR5aCRq4XK2TOEa9Mk0F7vju5-hqubuHuEpHoX7taxpMebp_erR3EtcY1w2rKIAgGFj6IZ_yy_0OL0CMc1M8NJ0LBs4eCIC6njlxAosvyJHHOB2qaOSYedKstqCrLh2M1CTza24jL5cn0BC1W_PEWuNPXNQQq8rvxv_cXgBuMWIPqMmYSHcgx6Esabc9ko5pKTdBPGQYUooayDyeK6qhv5GAac8rmNBh7epGZCoZlFqQi7IuQP408lnG42WC14zj9NqPfKEKWVGYlWVWoZ1UarcK4xMRcP3HRiijhAM0PXXoZGkoNUwLLZZ6lL1JEOTv_S3eQ2dD3qHt2vUqGECI5IMm1JqlWObdnvrpvSSAT3Gk2qQd_KLP1rjaB6XbxBa6FvDs2rnpaEKLsqnEjB4gvG-aZC3EmlGk5rtb4SHVZ1544kjY54Zumg7ovAr56NqNtwf1A16_Y_L21sxXM9pIduD7ifD7lIZlvs0RbhuseNMmv54DYK6jwbwwyt1EJ_DVBVb4CauwAxJ3eCsduu1KqYrcB04PUwGWMmP9h-eKCIHEnLUvjYpT78LAr8DC_5yQB8fCHLG1NFEzpgELsXbBsnMrGQ5bGL-W_HGPeH9wCM2psmJsDwKwd6GwNbMllDOMHcsUcoiW-rErK2ExXbX2PcRSE3UOlyf1Vj9OtCzubw96Y3GMZSkA8haAXi5F4X9k092igYuFzdicAfK_2ZMTaQID2T4OQz7s831vj6xdxq4eBidB1pVw1BwAHLyPqNYYlW6lVQLwW5S3kOAk33fxZZojtmDYVjdgCCQUJXYKaVvQe_pduvJZvkh8Yf4zwacuWSOSrVt6VokuFmzNvAo0Qs4O96i6aLl4joaA-qIkreUGVnWhpQ_b3sodSYK4G5bkVtsxTY0CJdIfPrOiKXSZ9qkPHh2QbTBY_YrTuAXYPy0NZvYSWscQklykec65scOgLXb1U3_3zRYTU4JxMrKhmZq5hePmWY5Lv7GnJsd3jUfJ7VRKQQe2IDuBVBg33uAOOU3bXAdcbaFr_fcoYxfUk3q_W5gcf78mQe2AgNutw9l3-d9CE6u0Fvn832ytmrHW2ZyPh8KroVsIR5Wg1dEnvUI9vXVLb911A-BcAAzE2_qNDl6okmF141PBJMDUO40QiUY7ysueQiWskhEjaOssVNPvtsMy2f52wa-5b1_CAGBBuufquuSWQ8QfnaWPo9aFDc89F3ULh9nmZjY4TjLbqXlUHbq9fNWiV6jReQc8FGD9H91D4F_5gAOWkhvckg&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=2%2Chttps%253A%252F%252Fid.tellows.net%252F%240
Frame ID: 58C5BAA5213A0F65BC3A032E59395F6F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNW5ODc9B76EdEyVE0U8-6171AthR9ksdZ0OPp8yCwW_yrOMbG4bBtSOaCDzxlws9pMFZ0mciWD7vclTIMqbYkxhD9Z3c3fsCkkAjwgQmZvy14LlX7moCGSvRMmlesuTtxTojFPbYLup5W1dmG-p_eUnLkT1P0HzOxU6_JoK4ID70Lny3gPFmQkp7_x63APyf1BVDjyD
Frame ID: 75B5756BDF5190573E56DBFDA5C8EBDB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNX07ZwM7ILGrcq2XF6iyo5ogPcNpXgQA7XBMZ3apACPJd8W9LxbJw001A9gtCFoQtuKRhT0OBFsrbp8SIOn77Z-bN4_PJQJVK0Z4WfYdiTJyYOmm-9fA8OVxnFzPszTYI-pWvimmE3Qa63UjKjHmXUocYQ3Ev6kZ_-quGdrYR2zEL_ut4hacPQDhOI6aqujZyeEs-YG
Frame ID: 3913FC2CEA4BD21083DDE5BCDCA1D464
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVUS_EJOH4FfxTEH1hbfciX9SxIOvDvq6ZIwfvSMu9JzAEypIE_7VMSgxlEDBt2AOjy3CSe8rjpt_avdBzmTWBJGDhMvn5XkaeY9pqAdhBtawgrfWDrtAUxKRp2l6qUQzFCxXZs_cbAN1FFImOA2pGkiCmg7YAqh28CnbP11s1Fx7aeQp9OMIPOGbh3379drmE963Lx
Frame ID: D53BACA19B477EB69A9A51CC11444607
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F462DC0079D36AB70FC64E44B31C6037
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6424948B1B771D3CA644C4B6E5BCB7DA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 142BF920C72D5CF7E23477617C456301
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 152402D2F7195E17F2628A79C1108E9C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 83876EA1C90E349177DAA64117F59A4B
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: F78B48D4191B127B4149B2338233135C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DD111A7F14942D72EC2DE5A08AB2530A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2
Frame ID: 4BA44B85DCD22F0CF09A485AEE49A875
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2
Frame ID: 55F99A3F2F4FAE467C9552C0840F6658
Requests: 13 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 93624846D14ECB6620F621322AEB2BA7
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_Zubf02_UCFWT_1QodndgFcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066
Frame ID: C9412C256A05BE45F29CD8812F887192
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=38979700131350700757617011856014&a=a6ab1294
Frame ID: F5D1F47FE7FB436046F0D9B8C0C4AE45
Requests: 7 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B06753AEA1F94B0859C30CB64C3605EC
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3bubf02_UCFYzd1Qod5ioLPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764
Frame ID: D2E35A1B56310FB2CB66B63C8E8D9FA9
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=25704100131039600757617011856021&a=d8cc90b8
Frame ID: 25089A5E7B1A70320A2AED3A4605BC5B
Requests: 7 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B39A02A9BEAC39E614E86AD310C88A4B
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1182519362
Frame ID: 7DF949F4CF1627F4F4A4AF4DF3A26DBA
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHSu7f02_UCFcUeBgAdKm8GXA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413
Frame ID: BF21F033997E3DB573AD7A55B1092861
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=93338700122440600710584011856008&a=ef2f65fc
Frame ID: F8B506760F4955A42B36CF704891A4CC
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 93711313EE5DA0F0AAFB59D33918CFFB
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLXbubf02_UCFZyH1Qod0n4AHg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705
Frame ID: CDD3A781CCCC2B490D14273A7937C524
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=89923500122440800757617011856008&a=8f1c4ec6
Frame ID: 7CE1E78B6C2E3EB41988C32E81DE33B7
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Frame ID: 83F2EAECA20A93F8B4FFFB7C1CF473CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Frame ID: 13551071229791C1F58F41CAEB6E4B51
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 22A09EB6FAF7ACAF48F03ED0DA10CBED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 003BD3DD7DAC1BB4630DE9D82BD3C603
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

tellows - Komunitas yang menyediakan informasi nomor telepon dan nomor-nomor berbahaya

Page URL History Show full URLs

http://id.tellows.net/ HTTP 301
https://id.tellows.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

301
Requests

90 %
HTTPS

53 %
IPv6

27
Domains

44
Subdomains

40
IPs

6
Countries

3203 kB
Transfer

7044 kB
Size

27
Cookies

58 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.tellows.net/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.tellows.de/
Title: Deutschland: www.tellows.de

Search URL Search Domain Scan URL

URL: https://www.tellows.co.uk/c/about-tellows-uk/registration/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=app.tellows&hl=id
Title: Android

Search URL Search Domain Scan URL

URL: https://apps.apple.com/id/app/tellows-caller-id-block/id1166263660?l=id
Title: iPhonemu

Search URL Search Domain Scan URL

URL: https://www.tellows.co.uk/c/about-tellows-uk/the-tellows-magazine-for-the-uk/
Title: majalah

Search URL Search Domain Scan URL

URL: https://www.tellows.co.uk/c/about-tellows-de/presse/
Title: press tellows

Search URL Search Domain Scan URL

URL: https://twitter.com/tellowswhocalls
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tellows/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tellows_callerid_lookup/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://shop.tellows.de/en/

Search URL Search Domain Scan URL

URL: https://blog.tellows.net/indonesia-bagaimana-skor-tellows-berfungsi/
Title: skor tellows

Search URL Search Domain Scan URL

URL: https://blog.tellows.net/2019/09/waspada-terhadap-nomor-nomor-ini/
Title: Waspada terhadap nomor-nomor ini!

Search URL Search Domain Scan URL

URL: https://blog.tellows.net/2019/09/panggilan-masuk-dengan-id-greater-jakarta-apa-maksudnya/
Title: Panggilan masuk dengan ID Greater Jakarta, apa maksudnya?

Search URL Search Domain Scan URL

URL: https://blog.tellows.net/2019/08/sering-diganggu-telemarketing-asuransi-ini-solusinya/
Title: Sering diganggu telemarketing asuransi? Ini solusinya!

Search URL Search Domain Scan URL

URL: https://blog.tellows.net/2018/11/aplikasi-caller-id-untuk-pengguna-iphone/
Title: iPhone

Search URL Search Domain Scan URL

URL: https://blog.tellows.net/2018/11/aplikasi-tellows-di-androidmu/
Title: Android

Search URL Search Domain Scan URL

URL: https://www.tellows.de/c/about-tellows-de/presse/
Title: Pers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tellows

Search URL Search Domain Scan URL

URL: https://twitter.com/tellows_id?ref_src=twsrc%5Etfw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/tellows/

Search URL Search Domain Scan URL

URL: https://www.tellows.com/
Title: tellows Amerika Serikat

Search URL Search Domain Scan URL

URL: https://www.tellows.co.uk/
Title: tellows Inggris

Search URL Search Domain Scan URL

URL: https://www.tellows.es/
Title: tellows Spanyol

Search URL Search Domain Scan URL

URL: https://www.tellows.fr/
Title: tellows Perancis

Search URL Search Domain Scan URL

URL: https://www.tellows.nl/
Title: tellows Belanda

Search URL Search Domain Scan URL

URL: https://www.tellows.at/
Title: tellows Austria

Search URL Search Domain Scan URL

URL: https://www.tellows.ch/
Title: tellows Swiss

Search URL Search Domain Scan URL

URL: https://www.tellows.jp/
Title: tellows Jepang

Search URL Search Domain Scan URL

URL: https://www.tellows.cz/
Title: tellows Ceko

Search URL Search Domain Scan URL

URL: https://www.tellows.se/
Title: tellows Swedia

Search URL Search Domain Scan URL

URL: https://www.tellows.it/
Title: tellows Itali

Search URL Search Domain Scan URL

URL: https://www.tellows.pl/
Title: tellows Polandia

Search URL Search Domain Scan URL

URL: https://www.tellows.ru/
Title: tellows Rusia

Search URL Search Domain Scan URL

URL: https://www.tellows.in/
Title: tellows India

Search URL Search Domain Scan URL

URL: https://www.tellows.mx/
Title: tellows Meksiko

Search URL Search Domain Scan URL

URL: https://www.tellows.co.nz/
Title: tellows Selandia Baru

Search URL Search Domain Scan URL

URL: https://www.tellows.com.br/
Title: tellows Brasil

Search URL Search Domain Scan URL

URL: https://www.tellows.pt/
Title: tellows Portugal

Search URL Search Domain Scan URL

URL: https://ve.tellows.net/
Title: tellows Venezuela

Search URL Search Domain Scan URL

URL: https://ae.tellows.net/
Title: tellows Uni Emirat Arab

Search URL Search Domain Scan URL

URL: https://cn.tellows.net/
Title: tellows Cina

Search URL Search Domain Scan URL

URL: https://eg.tellows.net/
Title: tellows Mesir

Search URL Search Domain Scan URL

URL: https://www.tellows.tw/
Title: tellows Taiwan

Search URL Search Domain Scan URL

URL: https://www.tellows.be/
Title: tellows Belgia

Search URL Search Domain Scan URL

URL: https://dz.tellows.net/
Title: tellows Algeria

Search URL Search Domain Scan URL

URL: https://sa.tellows.net/
Title: tellows Arab Saudi

Search URL Search Domain Scan URL

URL: https://ir.tellows.net/
Title: tellows Iran

Search URL Search Domain Scan URL

URL: https://ie.tellows.net/
Title: tellows Irlandia

Search URL Search Domain Scan URL

URL: https://ar.tellows.net/
Title: tellows Argentina

Search URL Search Domain Scan URL

URL: https://www.tellows.co.za/
Title: tellows Afrika Selatan

Search URL Search Domain Scan URL

URL: https://cl.tellows.net/
Title: tellows Chili

Search URL Search Domain Scan URL

URL: https://www.tellows-au.com/
Title: tellows Australia

Search URL Search Domain Scan URL

URL: https://www.tellows-tr.com/
Title: tellows Turki

Search URL Search Domain Scan URL

URL: https://www.tellows.co/
Title: tellows Kolombia

Search URL Search Domain Scan URL

URL: https://no.tellows.net/
Title: tellows Norwegia

Search URL Search Domain Scan URL

URL: https://www.tellows.hu/
Title: tellows Hungaria

Search URL Search Domain Scan URL

URL: https://il.tellows.org/
Title: tellows Israel

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://id.tellows.net/ HTTP 301
https://id.tellows.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

https://pixel.adsafeprotected.com/rfw/st/907318/59567102/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFX4a580j5gXqrfXVwAMqI&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKVD_6TNm2aSk29BrAgdDe8&google_cver=1

Request Chain 142

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGbrlR8NSN93J60icWBjRow&google_cver=1

Request Chain 144

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Request Chain 146

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1

Request Chain 155

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Request Chain 157

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1

Request Chain 165

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

Request Chain 166

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Request Chain 167

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1

Request Chain 169

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Request Chain 171

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Request Chain 188

https://hal900021.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=0904fb4e9c&subid=&uid=2680cf8a7737b595&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG71tGcv3YaGFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9D_hotNc96XwaOkpRhnc0mPWrhLY90NxFIHHW2T4i6yxaChaXb0Hhpe2RoEW36kozZbRBTCbvXWJ_iSAkBBMAEbpPRS50HscUfXSIcqAbbOTO9NcFEQM1IcOjh362CxSzwke7c6SyeqisawDqpFrU-7jF0WOsBpqoPE_yN5XPdprc4J78QxsvIYPErA_nGonA9oHUhJ1sLjSXGvXo9HnRaEItB8AyGlrxwS3PIXrJSBIM6UsIE9G8_M0apD4bjBhnlgvg314jb_MT8lled8B1fhNaE57kFU1cidUFSrPQH4eaYNRtYKwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2pIcMPgi_G2P27LvXxGqZmsfgc8Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-BACFFGu0M0P7NnGG-Vblr_0hutmyOVA16ztR75SM1zZ5mT6T7bUo9xv5pkRf5M5zXHYpxQ_pXJmtmW09DGDY2XgVosjo_lC4HdZ3AJJR6L1_drvdpZYBaAAkq1dgFUEbdUv6Lbi7dFgcdUKtS42TrKn5qEgw%26cry%3D1%26dbm_d%3DAKAmf-AAvlRRSlWlkhDlZ3abwDzm9KzA5dDRIR2SPQNB9mopcZPlnYP1ghw2HXb9cwPqizx4q-H5uUA26XynNbzmfB0hNbkdaHOqnpLrbLgdByyd_jOgL-Chq0IqiF-YS75FAucPHQfWOw0UfzD5LqNa5KrfH54Ht-mpKns6rhM9T3plltPej7yGH_y7IkBLPqiZ_qLzowgR7HfOKvubDo_rfI0vF_Zu6oTY5C3q4gKyhtATdCO_Wq-7HEclDNeff1EcOUlJ2YZM-JytyUDmMg82rikhC3N5slG3sudjfIGdjej1CbhZSjUfe0rDoMR6EXemW0MKNfz7v26-RbOMKOOj6SFd7Rcm3Ke60615mfgFFg3OuNPdLuCOA_RSNH-gk-EfqeQTUMpgI-9L6selBF_19_7JogJFCWRltcVkeHBn7ZgRtjF0_DplcIT-suPE-oTKNbwWjcij%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=7650178681431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=0904fb4e9c&subid=&uid=2680cf8a7737b595&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG71tGcv3YaGFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9D_hotNc96XwaOkpRhnc0mPWrhLY90NxFIHHW2T4i6yxaChaXb0Hhpe2RoEW36kozZbRBTCbvXWJ_iSAkBBMAEbpPRS50HscUfXSIcqAbbOTO9NcFEQM1IcOjh362CxSzwke7c6SyeqisawDqpFrU-7jF0WOsBpqoPE_yN5XPdprc4J78QxsvIYPErA_nGonA9oHUhJ1sLjSXGvXo9HnRaEItB8AyGlrxwS3PIXrJSBIM6UsIE9G8_M0apD4bjBhnlgvg314jb_MT8lled8B1fhNaE57kFU1cidUFSrPQH4eaYNRtYKwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2pIcMPgi_G2P27LvXxGqZmsfgc8Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-BACFFGu0M0P7NnGG-Vblr_0hutmyOVA16ztR75SM1zZ5mT6T7bUo9xv5pkRf5M5zXHYpxQ_pXJmtmW09DGDY2XgVosjo_lC4HdZ3AJJR6L1_drvdpZYBaAAkq1dgFUEbdUv6Lbi7dFgcdUKtS42TrKn5qEgw%26cry%3D1%26dbm_d%3DAKAmf-AAvlRRSlWlkhDlZ3abwDzm9KzA5dDRIR2SPQNB9mopcZPlnYP1ghw2HXb9cwPqizx4q-H5uUA26XynNbzmfB0hNbkdaHOqnpLrbLgdByyd_jOgL-Chq0IqiF-YS75FAucPHQfWOw0UfzD5LqNa5KrfH54Ht-mpKns6rhM9T3plltPej7yGH_y7IkBLPqiZ_qLzowgR7HfOKvubDo_rfI0vF_Zu6oTY5C3q4gKyhtATdCO_Wq-7HEclDNeff1EcOUlJ2YZM-JytyUDmMg82rikhC3N5slG3sudjfIGdjej1CbhZSjUfe0rDoMR6EXemW0MKNfz7v26-RbOMKOOj6SFd7Rcm3Ke60615mfgFFg3OuNPdLuCOA_RSNH-gk-EfqeQTUMpgI-9L6selBF_19_7JogJFCWRltcVkeHBn7ZgRtjF0_DplcIT-suPE-oTKNbwWjcij%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=7650178681431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 189

https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1b0f2e76a3&subid=&uid=e1218a112e404746&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoLqGcv3YaKFOZeSrAT54Z34Do_g-IZT9aiLpMoM8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOgBT9D8UKqrPP5XWuWLiVWsEOxFOnZCkVMQjnIQsV00jBs5NcEEcVxbRJAhYOZm8PnKndA9U1g9Z_ZrlSdbn03G1bGme09eWLISErxLjzfgc5hNA7x0S9uBfmEPzi1HggwKjYj_pvRiBLIB3l5RsWq7A5Zgktd3i3OKkdFe3RILoCOHvN11Pkn4VB79hWLS9gzzpfXf28VcjJDIirt9batgZdS_nDz0tnWO5DqYSSHGBNF82RgAJKW5kfEvtipjPEcTwezVpEvbC2kfkWmlS2rMtlnD2p5gx5DzXuVfEIS2zdyQ-s-gkHYYysAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2T6TinlPfGX7K1pm5n4gb6oi42HA%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-ABL3M9EUEYCuQcCVODwtpqQaDzWMKxTHvfZuoB-qCXQC5dVlTvjZNzxcyiv5fqWhbtPD0Zpa1DJ0zaQ6WO6CzEK1eSsUE8WIFenFzgSIvWlsIhLPVfBsv0i-7PRSOZFNt8Iw_pKhfxuHRYGtNdCbmJ0yOqBw%26cry%3D1%26dbm_d%3DAKAmf-BKLrf_aSEBenozkem_ZlPC7ae0CWH_KEKK2ZMm6DWTa79uPXGJ-bEMS2TxVJo_pMrFzg1-M8RjbCo1dFHIhQFmq4Kpr_hoLryg7j66KFXIrzJ32l209tdkDU5SRgbEKqKBAtzlnedLgkgMLWh6fYf5T8ypRwVzHsBPNYpnvbO5aSrsr0M81PhBahe2J2CArVQQ69-JRlARylJBpn3uQFkvzwzmbq_d-UokWpBYVxCgfoY20iztPcX0r3ROLfyfCxom_LE8Ow9nfOHJHYZlc2EjrG5cYK_c8NPz4KUF_Jl6L1ee-FoEq2fao1rSnIQAo15ekA-IUR5GiYSCpy0BBBA95iFXldv-0n3stWxwlI5CcRkDahjUnjR-SNBTvgSj6R1BwldmzlKmnEg7cAGjV-SI780l2NQzS-ZuMhoKcelQ0mIDkLYr1ECfuEqHpenjupc7jYVX%26adurl%3D&documentReferer=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fid.tellows.net&random=7813478618501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1b0f2e76a3&subid=&uid=e1218a112e404746&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoLqGcv3YaKFOZeSrAT54Z34Do_g-IZT9aiLpMoM8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOgBT9D8UKqrPP5XWuWLiVWsEOxFOnZCkVMQjnIQsV00jBs5NcEEcVxbRJAhYOZm8PnKndA9U1g9Z_ZrlSdbn03G1bGme09eWLISErxLjzfgc5hNA7x0S9uBfmEPzi1HggwKjYj_pvRiBLIB3l5RsWq7A5Zgktd3i3OKkdFe3RILoCOHvN11Pkn4VB79hWLS9gzzpfXf28VcjJDIirt9batgZdS_nDz0tnWO5DqYSSHGBNF82RgAJKW5kfEvtipjPEcTwezVpEvbC2kfkWmlS2rMtlnD2p5gx5DzXuVfEIS2zdyQ-s-gkHYYysAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2T6TinlPfGX7K1pm5n4gb6oi42HA%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-ABL3M9EUEYCuQcCVODwtpqQaDzWMKxTHvfZuoB-qCXQC5dVlTvjZNzxcyiv5fqWhbtPD0Zpa1DJ0zaQ6WO6CzEK1eSsUE8WIFenFzgSIvWlsIhLPVfBsv0i-7PRSOZFNt8Iw_pKhfxuHRYGtNdCbmJ0yOqBw%26cry%3D1%26dbm_d%3DAKAmf-BKLrf_aSEBenozkem_ZlPC7ae0CWH_KEKK2ZMm6DWTa79uPXGJ-bEMS2TxVJo_pMrFzg1-M8RjbCo1dFHIhQFmq4Kpr_hoLryg7j66KFXIrzJ32l209tdkDU5SRgbEKqKBAtzlnedLgkgMLWh6fYf5T8ypRwVzHsBPNYpnvbO5aSrsr0M81PhBahe2J2CArVQQ69-JRlARylJBpn3uQFkvzwzmbq_d-UokWpBYVxCgfoY20iztPcX0r3ROLfyfCxom_LE8Ow9nfOHJHYZlc2EjrG5cYK_c8NPz4KUF_Jl6L1ee-FoEq2fao1rSnIQAo15ekA-IUR5GiYSCpy0BBBA95iFXldv-0n3stWxwlI5CcRkDahjUnjR-SNBTvgSj6R1BwldmzlKmnEg7cAGjV-SI780l2NQzS-ZuMhoKcelQ0mIDkLYr1ECfuEqHpenjupc7jYVX%26adurl%3D&documentReferer=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fid.tellows.net&random=7813478618501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 192

https://hal90008.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=c952c52bb8&subid=&uid=41a83faa51e6ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSacGcv3YZ-FOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9DVkjRlEbxY0T4GhY7vMMsxJ6kybcUzVlwd6U6zAfIXWBuGoKptAmsPuvQZ6-9Sr3FBdHHngpsitjG0kGr3PhuceLUVLtFincxN_YYfu7cocnOb4hlgPF2ZTni80AP2O0ZOBYcQoglvXcOtneBZ0L7AMj6uyv1_PkOT0WGu6nIcSO_1SEDHf3rApt9PsIT50xl5km3iq0BRfDTN5oio23onz2PvEiDFPiaxURIS6c7faVAi4jPGnZzyqnZeI_E_vBgpJr5LYauvSzwj7eZ7CjZH37ZgYBSeWyirZ4ROBP7bxvxyHkoOwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1nPN6cw15HDAcePl9Tz_nAn6gq6Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C_LTovQa2f3FreCdgte08cikNStk88jQkymTDAYhRTrqcgFR8p-IhNrv-Izqeo9MDfa3-Wn4UrA0TnGfZ5mCpArLhR-CNAIVbzH2ofZy6TE9dx5HvNOznG8TiW14F9yoWjys_npimbhe4f-ESmVGkA1viQNQ%26cry%3D1%26dbm_d%3DAKAmf-CKrdOsjj9O721lM-a_JE0Q3rdyVy3djIUICk5W6Vb3n9uFdKbNVVqV7kR938wStS5MtF7wvqaE2bbl0opExNQdpjfNqbQ9bCD5olP3PsX6qLOz8tq4fbU2B5zDwi6xSmbojhmT3OphtQSOVPOtCRgf2CJ2i5yzd686gfrxadxLZ4Yd0Et-KLBiMr2-jMQ3o0wze5cmMGbd4Plu7OKoeT9c-F3EsFJLF8orGEDOCuYwSbzzvJPV5jSO6Y3W17XdzsbSwdpej94OSXlb7m_BedHul20WQyx2aZm4eZg67xQ2QxTtLNsxuTmzgNV-cKCNaRlzRp2NqS1J5WkHy3GXtl4kXmb3O60Xb7kKOmzF5fp_PwLwXMOOkMT8jAlwnKsIBuVFF-gJd1hlA8Sef-wRGmiGNakSSWndHk_k1-YAHNW9hyEKbjVePcWYJUuB9jPPvlsx1VYK%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=3177708991544&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=c952c52bb8&subid=&uid=41a83faa51e6ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSacGcv3YZ-FOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9DVkjRlEbxY0T4GhY7vMMsxJ6kybcUzVlwd6U6zAfIXWBuGoKptAmsPuvQZ6-9Sr3FBdHHngpsitjG0kGr3PhuceLUVLtFincxN_YYfu7cocnOb4hlgPF2ZTni80AP2O0ZOBYcQoglvXcOtneBZ0L7AMj6uyv1_PkOT0WGu6nIcSO_1SEDHf3rApt9PsIT50xl5km3iq0BRfDTN5oio23onz2PvEiDFPiaxURIS6c7faVAi4jPGnZzyqnZeI_E_vBgpJr5LYauvSzwj7eZ7CjZH37ZgYBSeWyirZ4ROBP7bxvxyHkoOwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1nPN6cw15HDAcePl9Tz_nAn6gq6Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C_LTovQa2f3FreCdgte08cikNStk88jQkymTDAYhRTrqcgFR8p-IhNrv-Izqeo9MDfa3-Wn4UrA0TnGfZ5mCpArLhR-CNAIVbzH2ofZy6TE9dx5HvNOznG8TiW14F9yoWjys_npimbhe4f-ESmVGkA1viQNQ%26cry%3D1%26dbm_d%3DAKAmf-CKrdOsjj9O721lM-a_JE0Q3rdyVy3djIUICk5W6Vb3n9uFdKbNVVqV7kR938wStS5MtF7wvqaE2bbl0opExNQdpjfNqbQ9bCD5olP3PsX6qLOz8tq4fbU2B5zDwi6xSmbojhmT3OphtQSOVPOtCRgf2CJ2i5yzd686gfrxadxLZ4Yd0Et-KLBiMr2-jMQ3o0wze5cmMGbd4Plu7OKoeT9c-F3EsFJLF8orGEDOCuYwSbzzvJPV5jSO6Y3W17XdzsbSwdpej94OSXlb7m_BedHul20WQyx2aZm4eZg67xQ2QxTtLNsxuTmzgNV-cKCNaRlzRp2NqS1J5WkHy3GXtl4kXmb3O60Xb7kKOmzF5fp_PwLwXMOOkMT8jAlwnKsIBuVFF-gJd1hlA8Sef-wRGmiGNakSSWndHk_k1-YAHNW9hyEKbjVePcWYJUuB9jPPvlsx1VYK%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=3177708991544&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 195

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 206

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=4705015&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=4705015&gdpr=&gdpr_consent=

Request Chain 209

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_Zubf02_UCFWT_1QodndgFcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066

Request Chain 213

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3bubf02_UCFYzd1Qod5ioLPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764

Request Chain 217

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=93338700122440600710584011856008&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1182519362

Request Chain 219

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHSu7f02_UCFcUeBgAdKm8GXA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413

Request Chain 224

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLXbubf02_UCFZyH1Qod0n4AHg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705

301 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
id.tellows.net/
Redirect Chain

http://id.tellows.net/
https://id.tellows.net/

68 KB
13 KB

150ms
131ms

Document
text/html

2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.tellows.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18abe09a99a8295febee74dabf836b90fca2ec3ace7946305f4f450968d31dc8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7ELekS%2FiTj2wiat5vq%2B9z5wEdCF21YBH8jSOGETJghFmyf4xhARFfFOi6ztXmXOp8rbRcyk5Ip0bz4vkjckgQU4e1dbJK%2FQcfYGlgdgLCZMrsvFw0Ff6uP3JlLhxeR1RMkuVkchqRZQ3UuF%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d62acfdd84691ea-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Mon, 31 Jan 2022 11:42:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 31 Jan 2022 12:42:17 GMT
Location: https://id.tellows.net/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmv4Q5bGZAXGeL4rc33fQLknWIg7qeQ248ZXPb2wbtJkMhRzYCRq0KuoY5AmI%2FDYImUFnpsNVCFaPLOlbkjJPCk965LjCMtfjhnvg1ve5SIvFKeo7MGmnj9FRjQ4E6G26mVDjDcxT1xn97eQ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6d62acfd5cd85c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 home.css
id.tellows.net/css/bootstrap-resp/ 45 KB
10 KB 52ms
51ms Stylesheet
text/css 2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.tellows.net/css/bootstrap-resp/home.css?v=18
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c5c1b00b2a46a222cb265a4ab7f72c8a7eaa90340f47b83ce140c33acddeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Dec 2021 13:10:05 GMT
server: cloudflare
etag: W/"b41c-5d31ae8716d13-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpQGDAr8LYiC%2BxzOJzDmoICVRQ65xBihp5HOOMLpcbqXjF7EM2OuTAiyOzbQjkUFluTOqlze28WxDSEpDiq0J03zEwYLec3l%2F1%2F2iKtF7Nr0Rm2690iAUaiv5Wm24nvdrY4WrXcWKjuEGKPQBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d62acfedb0691ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 01 Feb 2022 11:42:17 GMT

GET
H2 200 bundle.js Show response
id.tellows.net/css/bootstrap-resp/ 85 KB
28 KB 65ms
65ms Script
application/javascript 2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.tellows.net/css/bootstrap-resp/bundle.js?v=18
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 790b4d65c99242a17064cab9308d2a1bc77bb89133f467e19117eaee8f9ddc04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Jan 2022 08:29:04 GMT
server: cloudflare
etag: W/"1556b-5d61369687ec8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kp7BPRSZ%2FLea%2F6oqazMPn5cbLNkwzOmY7XOk%2FLLIGDcw3ZQ4K1MftuDIzO%2Bjct8oAVi60vVb%2FqKz2zK5DJVw7VG0Uxv358RCd2xp7aoIM0oLbJV9HBT9yNVtSBza9PXVErNRcFiTtIUqxV5qcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d62acfedb0d91ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 01 Feb 2022 11:42:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 161ms
74ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

57497199f9b1d717565cff26dd8727c37937159984fc901b27c6202efaaf65a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27099
x-xss-protection: 0
server: sffe
etag: "1118 / 248 of 1000 / last-modified: 1643622412"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 31 Jan 2022 11:42:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
52 KB 154ms
68ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04b8a050856056ec7cafc1623d1cb72a4c4016d96a1203b7ba6ce38df88b5f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52527
x-xss-protection: 0
server: cafe
etag: 51257200861323524
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 11:42:17 GMT

GET
H3 200 logo_res1s.svg
id.tellows.net/images/ 3 KB
2 KB 37ms
37ms Image
image/svg+xml 2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.tellows.net/images/logo_res1s.svg
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3218ad45d9670bf8a5f36a67527d40a468acddd10b7b5c68f5d652fbfb547328

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 02 Aug 2021 07:47:00 GMT
server: cloudflare
etag: W/"d14-5c88ec638b3d4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFEQ68%2BIAsZRbk1gdPEqQ1lYy0JoIqt9aog%2BrN6kuotKSkxzbBDL2kP9EzuhIzI23iAgGptqotMQ8PnxWSNgxiqiDfPy%2ForR8fksu1FKV6qHbID%2BUXpaaELWiskcP9V7xpwn9Jy%2BK9ENPKUEmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d62acff2c40909a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 01 Feb 2022 11:42:17 GMT

GET
H3 200 start_score_1-9.jpg
id.tellows.net/images/score/ 14 KB
15 KB 49ms
49ms Image
image/jpeg 2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.tellows.net/images/score/start_score_1-9.jpg
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5282bf4b356e8e0cdd5b79b770f43d8c6ec0b891b30f958b50d511dfac917bd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14331
last-modified: Fri, 30 Nov 2018 08:57:25 GMT
server: cloudflare
etag: "37fb-57bddfcee0740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNScZpBfJJVYcd%2BvOEVXJnb7p80X4TwaU0KVAXTdUiVopHMc9ZjNekrfKYZA5VLHBfh2%2ByFkq9diznN7y%2FllcLNKyCf2oq2hyayn0zMS1Au3FdNlh15SCMJ8iF%2BfDHiyD3hp93hH8JrPTQEcbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d62acff2c42909a-FRA
expires: Wed, 02 Mar 2022 11:42:17 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 28ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 779
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29180
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
Server: ECS (frb/6731)
Etag: "e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3 200 start_visual.jpg
id.tellows.net/images/ 54 KB
55 KB 57ms
55ms Image
image/jpeg 2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.tellows.net/images/start_visual.jpg
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f8f7a0ef057bca814af78355732549cceafc8ac1436cbd15769bfd1fbe70e8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55472
last-modified: Thu, 29 Nov 2018 13:12:29 GMT
server: cloudflare
etag: "d8b0-57bcd6f472940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQ7w%2FZbpThi0AOBVp9F5Yj9%2Fyj3Sq%2FLfxSUv9m8K5lHctwr1bJRiYVliQSGD3cv7t6nxvaOGrxr4hFWGcChiR9%2Bv8%2Fz6TshkDtsAhsKZxrq9FQUiLUD0AAUu56v6Yap29uZEZOZU7x1TskzquA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d62acff3c70909a-FRA
expires: Wed, 02 Mar 2022 11:42:17 GMT

GET
H3 200 stats_startpage.jpg
id.tellows.net/images/ 47 KB
48 KB 71ms
70ms Image
image/jpeg 2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.tellows.net/images/stats_startpage.jpg
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4d549a5a6789b5bff7069f76dbca11f9f6b91042bd9fb4ac9de7ef2b5a4308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48210
last-modified: Wed, 28 Nov 2018 13:38:08 GMT
server: cloudflare
etag: "bc52-57bb9ad3743e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwBD2CHcmsGH9ZV02VIvtsFEDzhlrN11vORh6sotJb3nta8WW7V8oZsqvBrtK1E%2BuokSD8HkfHFUayLpVdwsM5LedGPnGfrw1YOguIR%2FtNfvzZTyzZATw76gCjbVK0enR2jm2R2CwdwulXueBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d62acff3c7d909a-FRA
expires: Wed, 02 Mar 2022 11:42:17 GMT

GET
H3 200 loadblogrss.php Show response
id.tellows.net/scripts/ 133 KB
18 KB 201ms
200ms Fetch
text/html 2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.tellows.net/scripts/loadblogrss.php?site=net
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 866d69ed9ab89aa39d47bda16f2642df5b8cd85bff05286a0dfad18d60893b50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mypL%2Fsgf9V36WyQnKwwTGjsSQYZJqHbvb6BkFzn4T%2FMMRuVDbp5aaMNrs6PE4f4ndwDMSwbhO0kPZUaNcKTbB6GQOkbEiX%2FYz3mFKD5k424p5KmgxC%2F01tWzc73%2FaI%2FcqYpUNqQebEu%2Bb9eTEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
cf-ray: 6d62acff5ca4909a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 01 Feb 2022 11:42:17 GMT

GET
H3 200 8d50d0ef11ba0193f8d3.png
id.tellows.net/css/bootstrap-resp/ 9 KB
10 KB 45ms
45ms Image
image/png 2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.tellows.net/css/bootstrap-resp/8d50d0ef11ba0193f8d3.png
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/css/bootstrap-resp/home.css?v=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7cc25d5675f011e24119f0ce77be31d263f7e7147b753d9ced3f8ceb0feef21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/css/bootstrap-resp/home.css?v=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9615
last-modified: Fri, 30 Jul 2021 10:03:53 GMT
server: cloudflare
etag: "258f-5c8545644461e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi6Sw8juHnj55z8%2FziVvpLtLP5%2Fxlx6xcbiWm7lkLC4g5EgAsrDQ9cRAPyBgy8sclJpHPei%2B76OWdbpP%2FwOjOUCTKna0Zq4wMQcUuOLAQbIn0kSQetK%2ByxBP9g5tIOdl9FC7Dk2QNYenwz7mgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d62acff5cb3909a-FRA
expires: Wed, 02 Mar 2022 11:42:17 GMT

GET
H3 200 48a3729bc96b0eb4cba0.png
id.tellows.net/css/bootstrap-resp/ 6 KB
6 KB 44ms
44ms Image
image/png 2606:4700:3037::6815:597d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.tellows.net/css/bootstrap-resp/48a3729bc96b0eb4cba0.png
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/css/bootstrap-resp/home.css?v=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:597d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22012240a6b9a0cf6429cd0289bd87faa5375f254c8c996194009c84645fcb19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/css/bootstrap-resp/home.css?v=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5704
last-modified: Mon, 30 Aug 2021 12:22:38 GMT
server: cloudflare
etag: "1648-5cac5e387e2e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGUVIBx6LMcuWlfDmFu7PewqixXLRl2X5tDv1dMG2WC4DDzGfEu3ydvWwu51khmXuaXuEXeuD8hUlvNIG36JJ5CeNqfFN8SnaqZ%2B2FqOiHH7CikmcX50%2B76CkB4kcSz9UsrxJ9atlgAn%2FZecnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d62acff6cb7909a-FRA
expires: Wed, 02 Mar 2022 11:42:17 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2388
date: Mon, 31 Jan 2022 11:02:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 31 Jan 2022 13:02:29 GMT

GET
H/1.1 200
OK widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html Show response
platform.twitter.com/widgets/ Frame 35B8 319 KB
104 KB 8ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fid.tellows.net
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 300957
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 31 Jan 2022 11:42:17 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6731)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 35B8 232 B
448 B 139ms
117ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=ea81cc9a6eae35803497e68564f45c6815e4949d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fid.tellows.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 11:42:17 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: e8da0dbd572596d7bcd992a1c441b63265d66c1d64f30441a9547a3b4e6dac3c
content-length: 166

GET
H3 200 pubads_impl_2022012505.js Show response
securepubads.g.doubleclick.net/gpt/ 354 KB
119 KB 88ms
40ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122166
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 15:13:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 11:40:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 108 B
116 B 91ms
46ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=id.tellows.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

48f51f637283068eeebbdd97d8457af301fbb1f051bbb5fad6ec0d988aaa9e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Mon, 31 Jan 2022 11:42:17 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 93ms
46ms Image
image/gif 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1389091246&utmhn=id.tellows.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=tellows%20-%20Komunitas%20yang%20menyediakan%20informasi%20nomor%20telepon%20dan%20nomor-nomor%20berbahaya&utmhid=1089536134&utmr=-&utmp=%2F&utmht=1643629337676&utmac=UA-15624665-38&utmcc=__utma%3D1.1744312839.1643629338.1643629338.1643629338.1%3B%2B__utmz%3D1.1643629338.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1160102877&utmredir=1&utmu=qhQAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260301/ 284 KB
102 KB 108ms
64ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7355140920468051&plah=id.tellows.net&bust=31064586

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c004241fea74366820f9f01c8667d8e22e7c15952c2a05acbade2d7537debb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104587
x-xss-protection: 0
server: cafe
etag: 3098662309880244537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 11:42:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame E776 10 KB
5 KB 129ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:32:23 GMT
expires: Sun, 13 Feb 2022 15:32:23 GMT
cache-control: public, max-age=1209600
age: 72594
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:17 GMT
Content-Encoding: gzip
Age: 300958
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 8012
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:04:21 GMT
Server: ECS (frb/6738)
Etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
7 KB 14ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:17 GMT
Content-Encoding: gzip
Age: 300953
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 6444
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:04:21 GMT
Server: ECS (frb/6731)
Etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 163 KB
9 KB 252ms
199ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_tellows_id_old&dnt=false&domain=id.tellows.net&lang=de&screen_name=tellows_id&suppress_response_codes=true&t=1826254&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

b38771c470632752d8e4a32287a0c31020e0256448f71b390b47e0767b0ddb40

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=193
content-length: 8350
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 178
last-modified: Mon, 31 Jan 2022 11:42:17 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 1f034acb24fbce256d7939d7ddec2c35a7eee163e28fbc7715d6f5245aa5ec87
timing-allow-origin: *
x-transaction: b42a113a45c0db0c
expires: Mon, 31 Jan 2022 11:47:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 134ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=id.tellows.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 135ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=id.tellows.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
30 KB 1058ms
1058ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1609483219590685&correlator=699220331175151&output=ldjh&impl=fifs&eid=31061815%2C31064559%2C31064613%2C31064621%2C31060032%2C31062930&vrg=2022012505&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=2521801%2CSidebar_1%2CIncontent_3%2CComment_1%2CComment_2%2CComment_3%2CIncontent_Bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x600%2C320x50%7C300x250%7C320x100%7C336x280%7C320x50%2C320x50%7C300x50%7C320x50%7C320x100%7C970x90%7C970x250%7C728x90%2C320x50%7C300x50%7C320x50%7C320x100%7C970x90%7C970x250%7C728x90%2C320x50%7C300x50%7C320x50%7C320x100%7C970x90%7C970x250%7C728x90%2C320x50%7C336x280%7C300x250%7C728x90%7C970x250%7C970x90%7C320x50%7C320x100&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight&cookie_enabled=1&bc=31&abxe=1&dt=1643629337868&lmt=1643629337&dlt=1643629337391&idt=456&frm=20&biw=1600&bih=1200&oid=2&adxs=1142%2C152%2C152%2C152%2C152%2C152&adys=180%2C498%2C3223%2C4780%2C6006%2C7089&adks=3080137025%2C3940275376%2C3324402037%2C352866272%2C2466905212%2C1300612519&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fid.tellows.net%2F&vis=1&scr_x=0&scr_y=0&psz=306x0%7C966x250%7C966x250%7C966x250%7C966x250%7C1296x250&msz=306x0%7C966x0%7C966x0%7C966x0%7C966x0%7C1296x0&ga_vid=1703246909.1643629338&ga_sid=1643629338&ga_hid=1089536134&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

93f36dc406d32e61aeba986c91e1151e0922e7516971854e14e7aefe007b2236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30193
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://id.tellows.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ADE3 6 KB
4 KB 188ms
74ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 31 Jan 2022 11:42:18 GMT
expires: Tue, 31 Jan 2023 11:42:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
415 B 58ms
44ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=id.tellows.net&callback=_gfp_s_&client=ca-pub-7355140920468051

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7355140920468051&plah=id.tellows.net&bust=31064586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

5f2decc3ffee192eb38fc776f048c75e1d64b7c2d277437179fc86a0a878b422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fid.tellows.net%2F&tn=DIV&id=cookies&cls=cookies&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D00 131 KB
33 KB 524ms
477ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7355140920468051&output=html&adk=1812271804&adf=3025194257&lmt=1643629337&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fid.tellows.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643629337691&bpp=2&bdt=301&idt=199&shv=r20220126&mjsv=m202201260301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7118021390674&frm=20&pv=2&ga_vid=1703246909.1643629338&ga_sid=1643629338&ga_hid=1089536134&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31062423%2C31064586%2C31060032%2C31062930&oid=2&pvsid=1609483219590685&pem=761&tmod=322137960&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e68cbeb150fd7a642af63fe2f325df4865b9f450e8b29327bdb2a447069af859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 31 Jan 2022 11:42:18 GMT
server: cafe
content-length: 33637
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 11:42:18 GMT
cache-control: private

GET
H2 200 1vE2_qqc
pbs.twimg.com/card_img/1487329921945030656/ Frame D380 7 KB
7 KB 16ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1487329921945030656/1vE2_qqc?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

650e833e3c58ad49fb494b4ca78c027b2583ee837528c188aeff1c54c9b5a65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 172433
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7074
x-response-time: 137
surrogate-key: card_img card_img/bucket/6 card_img/1487329921945030656
last-modified: Sat, 29 Jan 2022 07:39:01 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5ecf7712db3cf69783b75adba9891e5f445915d5946a58ddf99eefdf2be0aed3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0GqfIWMt
pbs.twimg.com/card_img/1486661669321416711/ Frame D380 7 KB
8 KB 18ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486661669321416711/0GqfIWMt?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

1a81da962ba300addfcec11c8ae7f4a495ee437de0dc6fbd603934db202a901f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 346595
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7530
x-response-time: 144
surrogate-key: card_img card_img/bucket/9 card_img/1486661669321416711
last-modified: Thu, 27 Jan 2022 11:23:37 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 371fc08fbd7e4d960f66b9190579d14175220bca7938389759abeb246df010f5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 MQwdau5d
pbs.twimg.com/card_img/1486597220568862720/ Frame D380 8 KB
8 KB 16ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486597220568862720/MQwdau5d?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

acf6d1cc9444559574ff4a20b692cd3870bfb1ed3bd7983cdd807f90da06a618

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 361658
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 8049
x-response-time: 142
surrogate-key: card_img card_img/bucket/2 card_img/1486597220568862720
last-modified: Thu, 27 Jan 2022 07:07:31 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: eb56de4821f79e3a9607f66a172797451d32f57fc9c5fe63311b82d49f00c211
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 On8eWGmr
pbs.twimg.com/card_img/1486291744392101894/ Frame D380 8 KB
8 KB 18ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486291744392101894/On8eWGmr?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

ae82b60130953841c9dcb8194c473a203ae3e46ff2cfcfd6c3dbcde33124654c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 381291
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7982
x-response-time: 139
surrogate-key: card_img card_img/bucket/1 card_img/1486291744392101894
last-modified: Wed, 26 Jan 2022 10:53:40 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b154113166b37876c8cdc2cadc6c271a786e0f74319f19830c32db2de7f076eb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 6k7XPan9
pbs.twimg.com/card_img/1486951987199369218/ Frame D380 7 KB
8 KB 17ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486951987199369218/6k7XPan9?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

922a6318eb3fdd36bed74de0c7dbd937cd39ebeadf309dd5e52eb58e2671abb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 276789
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7558
x-response-time: 134
surrogate-key: card_img card_img/bucket/0 card_img/1486951987199369218
last-modified: Fri, 28 Jan 2022 06:37:14 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dc7d2c027fee1517cf009fec4e8f0384c7150ac9a3037f95d72bc51ca6f4e943
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 m62MUdaa
pbs.twimg.com/card_img/1486557960893796352/ Frame D380 7 KB
7 KB 22ms
14ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486557960893796352/m62MUdaa?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

3a5a0f005e5643006a40b3f7910a5cca1dd44c02bb99edf781f48162018240e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 317313
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7085
x-response-time: 204
surrogate-key: card_img card_img/bucket/5 card_img/1486557960893796352
last-modified: Thu, 27 Jan 2022 04:31:31 GMT
server: ECS (frb/6763)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8043e3e18c6905d33926f7e2c3337049e8689206506573b010232163ed5b68d9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 R-1R5OfL
pbs.twimg.com/card_img/1486168615502385153/ Frame D380 7 KB
7 KB 10ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615502385153/R-1R5OfL?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

c416246777531463a86c6aa5e60b77ea850ab647980f78920929c2b3f3378467

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455746
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7086
x-response-time: 137
surrogate-key: card_img card_img/bucket/4 card_img/1486168615502385153
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6763)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8d91f30bdbcfb4c5f7e0f0088dbfd9dc25500bc06c83440a46d8207155b79220
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HkUVjFMr
pbs.twimg.com/card_img/1486168615275864065/ Frame D380 7 KB
8 KB 11ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615275864065/HkUVjFMr?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

23b63e226e992693f10ce47196a6ff443239759f7e5faa4f19f412b29c437b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455746
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7674
x-response-time: 140
surrogate-key: card_img card_img/bucket/5 card_img/1486168615275864065
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6763)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3a4ae4c70200b1966f2b97a01194366a42816e4c15aecbea7f08f1ecb3b7c609
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HLF8Juuu
pbs.twimg.com/card_img/1486168615833726978/ Frame D380 7 KB
8 KB 10ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615833726978/HLF8Juuu?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

4af79806cc8f87c56d876522d96eee1a5a3e717e130860f800c142fea37719e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455746
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7664
x-response-time: 141
surrogate-key: card_img card_img/bucket/5 card_img/1486168615833726978
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ed294306674808feab40f5874b30a775504890503276366e9f1f3794f45ed872
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 ECPV_zvH
pbs.twimg.com/card_img/1486168615825346563/ Frame D380 7 KB
7 KB 10ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615825346563/ECPV_zvH?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) /

Resource Hash

9a394fd458f741993a8a4e797f6772c5928b4d88b59959e12e706f80ac1a5208

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455746
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 7322
x-response-time: 145
surrogate-key: card_img card_img/bucket/0 card_img/1486168615825346563
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/67BE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8c3f578a597d3cbd0293064f2be9321631566e361dfb19efb91fc00b259b4aad
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 3hwDvyFM
pbs.twimg.com/card_img/1486169946933854208/ Frame D380 7 KB
8 KB 9ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486169946933854208/3hwDvyFM?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

63e2a842272975f5820a413d4d2fbe6c56a42f42de5cd96c1de0550b02c8b21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455745
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 7543
x-response-time: 150
surrogate-key: card_img card_img/bucket/6 card_img/1486169946933854208
last-modified: Wed, 26 Jan 2022 02:49:41 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: baceef2d05a835a3ed3f3b04e1c0ca5357dc9103d10f813f7c274cd287942df4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Xqoy0UuA
pbs.twimg.com/card_img/1486168614957088772/ Frame D380 7 KB
8 KB 8ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168614957088772/Xqoy0UuA?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

57a2a4e0192326d3a2824c6117673a4bb5fc9f241e58562bef65306705ff62e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455745
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 7555
x-response-time: 135
surrogate-key: card_img card_img/bucket/8 card_img/1486168614957088772
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1ae67231b8589656582d25e4d48fc522380f245cc6e835b5a9336e85b107518f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xloVcQRc
pbs.twimg.com/card_img/1486168615938572289/ Frame D380 7 KB
7 KB 17ms
14ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615938572289/xloVcQRc?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

64d5a23ca6a679db3981b4683fbfa2ad9630312943ec6f059b42a4984063b608

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455745
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=4
content-length: 7026
x-response-time: 138
surrogate-key: card_img card_img/bucket/5 card_img/1486168615938572289
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/669E)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f87c3824ea527b3e0cd57f56783ccac0d53e0dc642aacbd29281c1a78bedba00
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1-N33o0J
pbs.twimg.com/card_img/1486168615791763456/ Frame D380 7 KB
7 KB 18ms
15ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615791763456/1-N33o0J?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) /

Resource Hash

e7a47b9e0d8ea909a3d6e95f081c5b661b67340cec140af56f1e3a72435098b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455745
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=4
content-length: 7042
x-response-time: 149
surrogate-key: card_img card_img/bucket/0 card_img/1486168615791763456
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6724)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1cccde654e1a5e80fe2f9c267f84196d05aa0c4514d3b88803f9797c0ea6bb42
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 tOsrP2dv
pbs.twimg.com/card_img/1485846797612642309/ Frame D380 7 KB
8 KB 18ms
16ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1485846797612642309/tOsrP2dv?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

3bdc8c9f7d2147bb29f50034767d0ac8fb502f64e6bba2e4c211274210acd9cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 529769
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=4
content-length: 7541
x-response-time: 138
surrogate-key: card_img card_img/bucket/4 card_img/1485846797612642309
last-modified: Tue, 25 Jan 2022 05:25:36 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1101a3d475d26bf78770456d6d713744b930456d4954d00d02802e8d46f99226
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 8CAyUiqH
pbs.twimg.com/card_img/1488091315736760322/ Frame D380 7 KB
7 KB 181ms
178ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1488091315736760322/8CAyUiqH?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) /

Resource Hash

3bcedc91867ef9556387ba82898a650e02a05d2a1af99470de2de5f276b57889

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=167
content-length: 7258
x-response-time: 148
surrogate-key: card_img card_img/bucket/0 card_img/1488091315736760322
last-modified: Mon, 31 Jan 2022 10:04:31 GMT
server: ECS (frb/6724)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1267603889dc538264d3811624bc9b48cb0b1cb2f54a88e8677039f77ba68616
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 M1Jc1wWM
pbs.twimg.com/card_img/1488090935338876931/ Frame D380 7 KB
7 KB 175ms
174ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1488090935338876931/M1Jc1wWM?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

c851c624da29d5cedabf42ea7861d5382498efe059a337a6d8fe2876e436bd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=163
content-length: 6988
x-response-time: 145
surrogate-key: card_img card_img/bucket/5 card_img/1488090935338876931
last-modified: Mon, 31 Jan 2022 10:03:01 GMT
server: ECS (frb/67DF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1495cae8349a44954f76ca335bb892deb41c376ad70c1433c0594518759c48ab
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xcA2dZfR
pbs.twimg.com/card_img/1488006020060573699/ Frame D380 7 KB
8 KB 17ms
16ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1488006020060573699/xcA2dZfR?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

a997f2bc6e2f83bd83498477cb5da2465032589e9b26c122cea168b4f110a807

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 18014
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=4
content-length: 7537
x-response-time: 140
surrogate-key: card_img card_img/bucket/0 card_img/1488006020060573699
last-modified: Mon, 31 Jan 2022 04:25:35 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: adfeab782cf8224fb1193aa6867ca7ba51bfc9d00218984326d41c4a6332b79d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 WJ-Tt8BL
pbs.twimg.com/card_img/1487979133913427968/ Frame D380 7 KB
7 KB 9ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1487979133913427968/WJ-Tt8BL?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

cba6644ee504779a7dfe750b7ad7fa382e6ccf1fde881f4f39507edda4052706

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 31152
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 7036
x-response-time: 154
surrogate-key: card_img card_img/bucket/7 card_img/1487979133913427968
last-modified: Mon, 31 Jan 2022 02:38:45 GMT
server: ECS (frb/669E)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 11d480aef690d80994fad417b1a57796dbbb506e4af84a2f0c519db5d9bd398c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 N9ExaLHD
pbs.twimg.com/card_img/1487330967219957760/ Frame D380 8 KB
8 KB 9ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1487330967219957760/N9ExaLHD?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

8908f3614fe3591079ac74b1ae301526a988260d443e5e3320584357dd6b41fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 172433
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7797
x-response-time: 145
surrogate-key: card_img card_img/bucket/0 card_img/1487330967219957760
last-modified: Sat, 29 Jan 2022 07:43:10 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 08fc05f50044dde8b6b1226c6d60d3a65df6136c8a5da8f5ee0197f0d0b5ad9b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame D380 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:18 GMT
Content-Encoding: gzip
Age: 300959
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:04:18 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:18 GMT
Content-Encoding: gzip
Age: 300959
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:04:18 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 vimLlxWH_normal.jpg
pbs.twimg.com/profile_images/1410526352902590470/ Frame D380 2 KB
2 KB 145ms
144ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1410526352902590470/vimLlxWH_normal.jpg

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

a2f4bf8ded6d34edea50fa8ef61fb0c6828161174550ec6effab6a4ac410e31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=138
content-length: 1731
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/5 profile_images/1410526352902590470
last-modified: Thu, 01 Jul 2021 09:09:03 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 75b38c8208e4925397a71b3f6a5b51b5cc8fa13cb659baf1d423a4d7a099d889
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame D380 44 KB
7 KB 49ms
7ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346457
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 8b530318229b2ec0eab4a02d8e3a78240dff34e519295945086cf83270885199
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 07 Feb 2022 11:42:18 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 53ms
11ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346457
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 8b530318229b2ec0eab4a02d8e3a78240dff34e519295945086cf83270885199
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 07 Feb 2022 11:42:18 GMT

GET
DATA 200
OK truncated
/ Frame D380 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame D380 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame D380 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame D380 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 1vE2_qqc
pbs.twimg.com/card_img/1487329921945030656/ Frame D380 7 KB
7 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1487329921945030656/1vE2_qqc?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

650e833e3c58ad49fb494b4ca78c027b2583ee837528c188aeff1c54c9b5a65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 172433
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 7074
x-response-time: 137
surrogate-key: card_img card_img/bucket/6 card_img/1487329921945030656
last-modified: Sat, 29 Jan 2022 07:39:01 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5ecf7712db3cf69783b75adba9891e5f445915d5946a58ddf99eefdf2be0aed3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0GqfIWMt
pbs.twimg.com/card_img/1486661669321416711/ Frame D380 7 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486661669321416711/0GqfIWMt?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

1a81da962ba300addfcec11c8ae7f4a495ee437de0dc6fbd603934db202a901f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 346595
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 7530
x-response-time: 144
surrogate-key: card_img card_img/bucket/9 card_img/1486661669321416711
last-modified: Thu, 27 Jan 2022 11:23:37 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 371fc08fbd7e4d960f66b9190579d14175220bca7938389759abeb246df010f5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 MQwdau5d
pbs.twimg.com/card_img/1486597220568862720/ Frame D380 8 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486597220568862720/MQwdau5d?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

acf6d1cc9444559574ff4a20b692cd3870bfb1ed3bd7983cdd807f90da06a618

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 361658
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 8049
x-response-time: 142
surrogate-key: card_img card_img/bucket/2 card_img/1486597220568862720
last-modified: Thu, 27 Jan 2022 07:07:31 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: eb56de4821f79e3a9607f66a172797451d32f57fc9c5fe63311b82d49f00c211
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 On8eWGmr
pbs.twimg.com/card_img/1486291744392101894/ Frame D380 8 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486291744392101894/On8eWGmr?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

ae82b60130953841c9dcb8194c473a203ae3e46ff2cfcfd6c3dbcde33124654c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 381291
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 7982
x-response-time: 139
surrogate-key: card_img card_img/bucket/1 card_img/1486291744392101894
last-modified: Wed, 26 Jan 2022 10:53:40 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b154113166b37876c8cdc2cadc6c271a786e0f74319f19830c32db2de7f076eb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 6k7XPan9
pbs.twimg.com/card_img/1486951987199369218/ Frame D380 7 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486951987199369218/6k7XPan9?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

922a6318eb3fdd36bed74de0c7dbd937cd39ebeadf309dd5e52eb58e2671abb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 276789
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 7558
x-response-time: 134
surrogate-key: card_img card_img/bucket/0 card_img/1486951987199369218
last-modified: Fri, 28 Jan 2022 06:37:14 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dc7d2c027fee1517cf009fec4e8f0384c7150ac9a3037f95d72bc51ca6f4e943
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 m62MUdaa
pbs.twimg.com/card_img/1486557960893796352/ Frame D380 7 KB
7 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486557960893796352/m62MUdaa?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

3a5a0f005e5643006a40b3f7910a5cca1dd44c02bb99edf781f48162018240e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 317313
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 7085
x-response-time: 204
surrogate-key: card_img card_img/bucket/5 card_img/1486557960893796352
last-modified: Thu, 27 Jan 2022 04:31:31 GMT
server: ECS (frb/6763)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8043e3e18c6905d33926f7e2c3337049e8689206506573b010232163ed5b68d9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 R-1R5OfL
pbs.twimg.com/card_img/1486168615502385153/ Frame D380 7 KB
7 KB 9ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615502385153/R-1R5OfL?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

c416246777531463a86c6aa5e60b77ea850ab647980f78920929c2b3f3378467

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455746
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=3
content-length: 7086
x-response-time: 137
surrogate-key: card_img card_img/bucket/4 card_img/1486168615502385153
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6763)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8d91f30bdbcfb4c5f7e0f0088dbfd9dc25500bc06c83440a46d8207155b79220
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HkUVjFMr
pbs.twimg.com/card_img/1486168615275864065/ Frame D380 7 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615275864065/HkUVjFMr?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

23b63e226e992693f10ce47196a6ff443239759f7e5faa4f19f412b29c437b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455746
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 7674
x-response-time: 140
surrogate-key: card_img card_img/bucket/5 card_img/1486168615275864065
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6763)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3a4ae4c70200b1966f2b97a01194366a42816e4c15aecbea7f08f1ecb3b7c609
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HLF8Juuu
pbs.twimg.com/card_img/1486168615833726978/ Frame D380 7 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615833726978/HLF8Juuu?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

4af79806cc8f87c56d876522d96eee1a5a3e717e130860f800c142fea37719e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455746
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7664
x-response-time: 141
surrogate-key: card_img card_img/bucket/5 card_img/1486168615833726978
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ed294306674808feab40f5874b30a775504890503276366e9f1f3794f45ed872
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 ECPV_zvH
pbs.twimg.com/card_img/1486168615825346563/ Frame D380 7 KB
7 KB 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615825346563/ECPV_zvH?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) /

Resource Hash

9a394fd458f741993a8a4e797f6772c5928b4d88b59959e12e706f80ac1a5208

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455746
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 7322
x-response-time: 145
surrogate-key: card_img card_img/bucket/0 card_img/1486168615825346563
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/67BE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8c3f578a597d3cbd0293064f2be9321631566e361dfb19efb91fc00b259b4aad
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 3hwDvyFM
pbs.twimg.com/card_img/1486169946933854208/ Frame D380 7 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486169946933854208/3hwDvyFM?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

63e2a842272975f5820a413d4d2fbe6c56a42f42de5cd96c1de0550b02c8b21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455745
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 7543
x-response-time: 150
surrogate-key: card_img card_img/bucket/6 card_img/1486169946933854208
last-modified: Wed, 26 Jan 2022 02:49:41 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: baceef2d05a835a3ed3f3b04e1c0ca5357dc9103d10f813f7c274cd287942df4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Xqoy0UuA
pbs.twimg.com/card_img/1486168614957088772/ Frame D380 7 KB
8 KB 10ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168614957088772/Xqoy0UuA?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

57a2a4e0192326d3a2824c6117673a4bb5fc9f241e58562bef65306705ff62e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455745
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 7555
x-response-time: 135
surrogate-key: card_img card_img/bucket/8 card_img/1486168614957088772
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1ae67231b8589656582d25e4d48fc522380f245cc6e835b5a9336e85b107518f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xloVcQRc
pbs.twimg.com/card_img/1486168615938572289/ Frame D380 7 KB
7 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615938572289/xloVcQRc?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

64d5a23ca6a679db3981b4683fbfa2ad9630312943ec6f059b42a4984063b608

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455745
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 7026
x-response-time: 138
surrogate-key: card_img card_img/bucket/5 card_img/1486168615938572289
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/669E)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f87c3824ea527b3e0cd57f56783ccac0d53e0dc642aacbd29281c1a78bedba00
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1-N33o0J
pbs.twimg.com/card_img/1486168615791763456/ Frame D380 7 KB
7 KB 9ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1486168615791763456/1-N33o0J?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) /

Resource Hash

e7a47b9e0d8ea909a3d6e95f081c5b661b67340cec140af56f1e3a72435098b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 455745
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 7042
x-response-time: 149
surrogate-key: card_img card_img/bucket/0 card_img/1486168615791763456
last-modified: Wed, 26 Jan 2022 02:44:24 GMT
server: ECS (frb/6724)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1cccde654e1a5e80fe2f9c267f84196d05aa0c4514d3b88803f9797c0ea6bb42
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 tOsrP2dv
pbs.twimg.com/card_img/1485846797612642309/ Frame D380 7 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1485846797612642309/tOsrP2dv?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

3bdc8c9f7d2147bb29f50034767d0ac8fb502f64e6bba2e4c211274210acd9cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 529769
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 7541
x-response-time: 138
surrogate-key: card_img card_img/bucket/4 card_img/1485846797612642309
last-modified: Tue, 25 Jan 2022 05:25:36 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1101a3d475d26bf78770456d6d713744b930456d4954d00d02802e8d46f99226
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 8CAyUiqH
pbs.twimg.com/card_img/1488091315736760322/ Frame D380 7 KB
7 KB 9ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1488091315736760322/8CAyUiqH?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) /

Resource Hash

3bcedc91867ef9556387ba82898a650e02a05d2a1af99470de2de5f276b57889

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 0
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=3
content-length: 7258
x-response-time: 148
surrogate-key: card_img card_img/bucket/0 card_img/1488091315736760322
last-modified: Mon, 31 Jan 2022 10:04:31 GMT
server: ECS (frb/6724)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1267603889dc538264d3811624bc9b48cb0b1cb2f54a88e8677039f77ba68616
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 M1Jc1wWM
pbs.twimg.com/card_img/1488090935338876931/ Frame D380 7 KB
7 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1488090935338876931/M1Jc1wWM?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

c851c624da29d5cedabf42ea7861d5382498efe059a337a6d8fe2876e436bd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 0
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 6988
x-response-time: 145
surrogate-key: card_img card_img/bucket/5 card_img/1488090935338876931
last-modified: Mon, 31 Jan 2022 10:03:01 GMT
server: ECS (frb/67DF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1495cae8349a44954f76ca335bb892deb41c376ad70c1433c0594518759c48ab
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xcA2dZfR
pbs.twimg.com/card_img/1488006020060573699/ Frame D380 7 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1488006020060573699/xcA2dZfR?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

a997f2bc6e2f83bd83498477cb5da2465032589e9b26c122cea168b4f110a807

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 18014
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 7537
x-response-time: 140
surrogate-key: card_img card_img/bucket/0 card_img/1488006020060573699
last-modified: Mon, 31 Jan 2022 04:25:35 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: adfeab782cf8224fb1193aa6867ca7ba51bfc9d00218984326d41c4a6332b79d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260301/ 150 KB
54 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260301/reactive_library_fy2019.js?bust=31064586

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fd4c4a5a221267eddd17014c464be23edbce8220488b20049d9980111381fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54757
x-xss-protection: 0
server: cafe
etag: 16418573362979664557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 11:42:18 GMT

GET
H2 200 WJ-Tt8BL
pbs.twimg.com/card_img/1487979133913427968/ Frame D380 7 KB
7 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1487979133913427968/WJ-Tt8BL?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

cba6644ee504779a7dfe750b7ad7fa382e6ccf1fde881f4f39507edda4052706

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 31152
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 7036
x-response-time: 154
surrogate-key: card_img card_img/bucket/7 card_img/1487979133913427968
last-modified: Mon, 31 Jan 2022 02:38:45 GMT
server: ECS (frb/669E)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 11d480aef690d80994fad417b1a57796dbbb506e4af84a2f0c519db5d9bd398c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 N9ExaLHD
pbs.twimg.com/card_img/1487330967219957760/ Frame D380 8 KB
8 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1487330967219957760/N9ExaLHD?format=png&name=144x144_2

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

8908f3614fe3591079ac74b1ae301526a988260d443e5e3320584357dd6b41fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:18 GMT
x-content-type-options: nosniff
age: 172433
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 7797
x-response-time: 145
surrogate-key: card_img card_img/bucket/0 card_img/1487330967219957760
last-modified: Sat, 29 Jan 2022 07:43:10 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 08fc05f50044dde8b6b1226c6d60d3a65df6136c8a5da8f5ee0197f0d0b5ad9b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 93ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=id.tellows.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 90ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=id.tellows.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame ED40 10 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:50:50 GMT
expires: Sun, 13 Feb 2022 15:50:50 GMT
cache-control: public, max-age=1209600
age: 71488
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame ED40 4 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 10:20:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 11:42:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 11:42:18 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ED40 205 B
743 B 125ms
36ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 04:18:41 GMT
x-content-type-options: nosniff
age: 26617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 31 Jan 2023 04:18:41 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ED40 604 B
694 B 125ms
37ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:19:20 GMT
x-content-type-options: nosniff
age: 1378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 31 Jan 2023 11:19:20 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame ED40 18 KB
8 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7952
x-xss-protection: 0
server: cafe
etag: 4804491876264876803
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:38:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 550E 8 KB
888 B 111ms
49ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 10:13:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 11:42:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 550E 1 KB
875 B 119ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:39:49 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 550E 18 KB
7 KB 105ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:37:07 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 550E 2 KB
1 KB 115ms
52ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 550E 123 KB
38 KB 186ms
88ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 550E 14 KB
6 KB 101ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:12 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 550E 27 KB
11 KB 100ms
40ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 11:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 11:58:10 GMT

GET
H3 200 container.html Show response
d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2029 6 KB
3 KB 88ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 11:42:18 GMT
expires: Tue, 31 Jan 2023 11:42:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2AF7 6 KB
3 KB 92ms
48ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 11:42:18 GMT
expires: Tue, 31 Jan 2023 11:42:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A12 6 KB
3 KB 93ms
51ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 11:42:18 GMT
expires: Tue, 31 Jan 2023 11:42:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E7D 6 KB
3 KB 92ms
52ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 11:42:18 GMT
expires: Tue, 31 Jan 2023 11:42:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 493A 6 KB
3 KB 71ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 11:42:18 GMT
expires: Tue, 31 Jan 2023 11:42:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5BCC 6 KB
3 KB 69ms
43ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 11:42:18 GMT
expires: Tue, 31 Jan 2023 11:42:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D672 143 B
163 B 41ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Mon, 31 Jan 2022 11:03:51 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AF1F 624 B
300 B 51ms
50ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjc55C_ATAB&v=APEucNUm0jCmvDj9cctZrlIutssTgtzK7T1XIigWA3v85tUhfeTUj4vUIyz3X4tebSVwVNKS-kQ0XrqBBYwoXlCMCPj8BLL64ut-8WBW6EoPJeOGpd8MmH3zlyFSqbfGnjVyi63E2yIOt1_Rj5E7zD_XLkZobT024w9p6dzqCx76dEiF7fp1LCcUn8WH8QGm7FsE1MRg7VBr

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 31 Jan 2022 11:42:19 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2029 73 KB
31 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8pJfkqmi1rNdbQuqwW-W6Ux30MoX0HwUOuBWOBYm1o1OIHT9hbn4eBuRUtQgBCJDaHaRLlALDqk_FiCMUGCX80gBAkfV8LQWdwIIUVSnCdJJ--wHo3rwV7GAkWLjVTZkiF4H3Y83mMugNsMXE6n4646lExA&dbm_d=AKAmf-DHNbZrDYuUhqPfo--o-HbljG8AFwLE3QcdTj0JvZMh38VAqjsNh4gqc0QesPZuaRI1omGR4UpJVIyuzYiB6chlC0-wbPiDQv_5OhGLv-4eOLmSJYPTSBxVdeyeSBZR-VoplG3xctd1fAryNmLfjOeNx8lXEVyN466ieWnMh3UZYX02D0OyFmeRc_m5ceZD2RC3UU4kcdHQAl9v_6oks0ISjwOYnMWjWhIqrJOcW6lc38Fg_yPxIEgqSSz5aRT-8_bZuf8vKQYB23iWtCBSglr_MCu26iiXku5rOq6sYiCMC6dQpruKq3ErOtbHmTi1T23dYT44-7iebRYwh-A2xKRGUPifAsflpTuABnIhXGSFhbEOTTDAv6aAJFYz2SMqy01dqRg4Eg3b7NUSmz8pLNQ0URIpO0CRmh7aJb3Aav9xRziyJLIgru5IsscUibFyViWP7JD4KWcZA2uXkz636TVwp0pc_7G6o9oJ4L3ib8_0FbdUc4DN7TcLlMfcgtUW0SOUh1myMmfvrvBvXr-vPwIkvCEB4iw1x4u8QIsgY6Lr24cpHGZAiThndsR8kCkNT_Dt9qDw1rg6i6UbTcZY-pQ9e8qVTRRPm_hod-3zKmrk--r62mvBJySfgGmszeapRi7yDHl9LcAFAscS4mOFhbEjXmZpDpk1_y1RrKhQ4by5QjG8cSsnzirDF75ZDtO9Z9gKp7HejY-CDIj87DqwdPtTdjJCxM5RETIVi9xIJb9Ly5BmFPTztA6jO0NPROKb3IgUyLykbrPrKNtccfwEJaQEcaqguS0Sg0TPVBaThV14KS85urHtNDEsblkXo6aoa0moCn1HOMjqVv_FtdsJii0i0P7JkoT-IntVgmlU1hpFK7kSWzOj2wkE908F-oyL9Ru5zPOllciKuXdDkxfG3x1GWvzO1OaqVaKRth7XgGrVSy6aiB42QR-y1VSMqOlyCDkwzb2Si48gohCHUvj0lfZ3elfaobATZnyLGS0ru6DYw5rJA-Tf5INPCHdoLC-wnef37TArQdV757s17nMbi9uHRiu3Sthhr1shUFY7WcHok3nsoL9zy9GBaW4r3bohUVsGhIKP0_-LEBq31-_8RBERto6qg5K1Ayg28-umlqvXH2UgCi7fwObHnWBdszUZPZFffW6LJI9KVoL7GJj4qKd8FLiDcOWmdnQa-dFGVqQAv-5o49N_sRTdXB1Tp_sVY2tJscCBzhd_Yqj-iYQZ7EL9Ab3XYG9FDMzAJRgCWSbmHg1vumBNpuALfamu6Ki90NTzjcpVUSbio5cg9BFS5WnFCzUR037pFe2SSN6EfRPt-MByNcqYIRWxnkBIW1FDgJ-on7_ScVUQVZXtdvP8foncU6uZCvFlH2QDTGECdQic_ZWGVtAKbVnQwMWlLGjmYoWYlH8DB8D8kxvhRl7k2bDXbEkkDLndCtZc7I_PiBx3aK_D_67mP3yrrxTRCgq_9uATwwTn918oqaplIuDa0_ysvw9IB2noFC_i39ePJVgXA74fsjUWDprZ3pcE54qmuy24lwdMCei840N_vuAWfV-YPODzCUueK6xxMQU2OHXW_fO8MX7ASOZiNLx3D-UA32wiULB_6hDIoYMY0mYKCjFUvemq5CyCe582xIE7078m9p9UmX7aR8hYJiYOUWjcjNw8hTkITLGIn9tXEt4QQpuGVJb8MySn2ZKOv8DhCBRXpEDwQK4bNacxBKV4pmKN3JKVwMeBvm4tqiAMDEvXKlF17HlXrLyhH1ud_W3K52gMHefUg38VvIxN18AFwJdqTiPTbqXO-vMRquSeOVhHH39biRwKCC7YZ7x93lNFfKC6Nqvd44zZ1xudlYUHxmV7uEBjXt3ddJOVlNgeQxh82vYFtUSelnFXnQ4iFepzI6UJlVwAlono0vEPzD2YHgVSZS3PGqcpZfJHa-rn2QZpaovxd6vDSua6kh587vDUUBpTmgIt7ILjGxR6qBszCTRbaYE8ySs8DSSnpAVf1Jz7r-zw4QU9Rpg00oKUdSj4fJASX6OnxhXJxIsD4PKcO_7Ztofn-DRIpE-038EX3ik7OsVc4h-wq2BSLEqXIekP-7sMZKm7u08QYiPiZ3MEApQxOUESgXT6qlhhs1zvr8yLFHnIzXlATlV25huTBIDRoHZLG6gW5MrSpw697XGyLXhX8MsOvdXg9REC9dymjYwcrxGu460vSJ_IdHXkICt5SwdYJtpx7dsnZAEp5s8XBMjA8QlN9pbEz6jd92j_znxCyT85M6rWNHCw4VN62KiAHZWxEMz1lXRNKrQHxYYGtDf_me17hTLC9lif_0Ci1wE_WfV5deWNVBrKV9FVKUzAQX8ISPlTVYy8Kriza7zMX1jzUU4ffW3yNsIr1gqrM5q_XIHjg1sN8iXtie4BD1BC_bckAoJuhJP78IyB60UMuOspt1SWi2TnsF-xx03cNZhwdlDJtYaf4Rp5Y6sOyKznw0jXB4_sPqvFbEBYfl4BWe6LPO0fI3gbGK2l3TeQgdmA1PYgVtKVWwlAx7dIjOXCC1YhHzuvHCvFg8JOEU7wuw-Bd6tiZ4HVIXra_H9IKMTkNF5Q1KlzflMA25euC-Vxubfa_e0YQqbxJpcis12TD8pK5RfxIn8d9UguJ3_3mwMvmiNfuLOwkgeAhckHy82_Di25eZz79hDqXSt2iVVoaukR9976AJEDqL251EoabHsEdyiS576PG4SffXhFfB5tED8gbzyQCStr003d5sFRjHstCDdvo76ezKtWBYLisAQUoYVDHPTMoUi69WqCf7BZ6r9Ygf8ddZdPaUY-21YPu9ucZZfmWVtpgWTxuwbOoz-IT8SYcEhXINmXYp6fPo8Oh5HrXYRff5Ns-Nanmkl-uB9XVpyS98HSaB5U7xRvUuSt2GYIssh7Vns9RrzdPHg2bM19XqrBiQG9U1cNdYcCzy1AdqyHo2YKJ5aePL9KGf2itFWcpJSuRVTPKhg_EvNf-Lwy2RrQaOEqBm6D4CsNk_cgWH2WI3U4zrdgV1cZPEGlpu_6lJGy71dTnzcgT6wZhlSN7eBxeHitKQORHLoRtxvn9bHXn8eVLt3KytXB8OQetELyz-nn4QKXsaEQ-KOsZCZpDSn9GFaOqurRC7Ft-a_I20dYUtT5&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37288ecb2db8752e8064471c31f88d4913a0cc903569daa4b90213d80f592521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31518
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2029 42 B
63 B 70ms
70ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZXz2Lnjs4-OpKP-zo7CqxQ4jmXZhAWTVLOyPvhhIPEoBZC1TpIG_fNFlW_iL6ObwSRkgjbsWfdP-aRDat0iUUM9_M6BQ_V7AB-aaNhqJC6G1uLV8

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 2029 2 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2029 123 KB
37 KB 164ms
163ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 2029 14 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F410 624 B
300 B 51ms
50ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVBRG8W7mX2xlkcfP3evcO06sE3lQSksaxDAKERaWv-2tqKCffpdHjmj-X6Y0mu5HCotqGHn2NpqKZxajQnDoeq3ejKnedvV_Stx4vkmzXCKopNk6xL8Q7fhs0O_6g5_gVCcLKCmOWpI_JsWPmfFp3xi62etnnjQPtrgmfHgYVff0tK4f9Ll5WAe0s3L5ReK79gSx9H

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 31 Jan 2022 11:42:19 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 493A 24 KB
14 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpSwt2wjRxCPPvgbU2CudTSOAkyEVuxGIMMx6l9fOgeEmPuCXaEbLHaXP1iTrsbm0w_IYzO3xSZRfI0oxw3w0DtCL2VX41kIUWbREGKzt76-JjmpOIq_SVln4qz-E5Hs0KKUX89f82iVUPjSEr0WPRCMgbVA&cry=1&dbm_d=AKAmf-DWUU8OWPUZfk-9RyWv_drpQEM0VSQvPvcLCh4ksFsL7IgOlHcvDBXGeec-Tu1BUbExLWU6nj74We-B9b-YtaekKuYSukUm1s5S3luxZILKu-KynBmFlQQbMBse7sJyZUKBoxcX3jytYRsaQjW--kJeEsbIMPQ2-sLi_AW3QiOxoTEtmD3QB0T0u_0bpJW_hkkxzca22nOCnQx3Rvz9VR49xCfde744sSMD02C0h8eJGJwfe3ORNjfai_jCtkGi7PusRpapCpxGW8zjOi2gBB6W_DRZVONPPdfxriBLTamMnxvMGErEx7AOQKPx-Kff3xunp07oq_mOd_WU1ayoICX7ZnFumFtfUUlyijIMypE0WUlgvhyWJeTRcfS7IDGT9K442cb7lXwzpFkv3MAy5LfViOyRJYofvZ4GaDQUGTdU62jZfkOJyfPpL7cubTnrrN4QP4MvBWkYwuWPZpYerrFUQto-IMsImHBsWHsuSkhXlLjb1Yr6aeTPRfjByPhRlYtQngKL0axHzbFMCX_wgWxLB013CLWJNU8Tw3A3X8KqnlDexrjRAUfcJf2NdrPMZQMtrAv4sQ9EOBw78dcFAVFjBEtPHvTKbQYeShq-x9ooihKuFeTTSfQtnFNa1CC7bSaXqZMfE88Ja7ZirY8QQRO990fnB74OBufdC_BmZ0te4Ah-egIzsRG2g-mXXcNcVUAkgnNK8XEeR6UH12vET3Rlx9LUDIX4P35KTxDSbUQl6FOt2YC6QocqsqgJfOJbK93Hg6NGVWDCiYs9lwse7FFc2SWqJS2XYoTY2PVNzNPDSm1tWDCgyc5brcny85xC00RtKIx0K4b2H-eAhnUmLrBHbGEcMjOTQs-j3JYwD4VW-EHafBpAouZBAh7325N6PKx6_NLJCeTypvBMWduzcdLQgbFEvpu7kii-c3tDM-VeLJtS9zH_Fihn4JipQPhOWssNlpzgN6qpCvLe7AkTmKg5SjzVWQcxgugfaty1K4uvJurXC9BqgF5hFfhl9Xhp1Zp057PoBT829WLzxZ01KgTWCQ3_wDa78dPC7qPc4lOjsUIPjQURS6FtRQ3HKe0KI9Kb6jsecZRNYP49KyL69NnTY2ER9KDnXRXFlL4Nw1musJJShPcJ8RKAAxBouqLWIm_ZSzNYFwS7WEaXFzmK7vlNDTOPwzgmZMhjBbpnrHcSbjSQEMfXTzln-WQggGhEoNt_XMzG3oYlSmddAgQo_AEbldnz3ix2UGta6SmliB4c1Wc40yoXh6hjm4Ht-HDg0P416mSLuWG7rzz-VpnlRgWxw87OiAiMMON5grvgrerwx3OgsJN51lrwi0a8Eu79NONF1cBhRsXF2qyTwZWk7MCpfC9xnhyVxfjxsPQ3vDMz0VTkjlkJGFkNuH9aw5AUedbc8eHyXdQA2bvrP1Gr7eSFGRqt9hF5jKxqN__qBf8lIfqb5aS41ZJO0R55bVsFsZ5Oq-iK_igmWGbjEXOoBFOYXTHnyxaHRamEG9chubAL21DOmIci1De_jQ-ZrlOrhO7e-CO1zYUCIBT9i1vpX9YhI9sqLkEqeLsZlw9oh9181kdnRsNc7Rg-jq9hDsjXIt424Ga_IJYVYHCye8ijGHNPZBAmlq0S_Hsksx7H-jfayDn9AVmKdmwA4U-f_sNm5hxHeHZDj-_6S0JGxn5-d7OCUQsnvX2ai4KxQXrQYF4pithWM7Ck-be9jYu28u07h4iTO3kkmQMRFC9DCd2lSKrqiXlUkYNkYCXdxKn9l_ka6eO7ViN27u2maI4Ik9qtS_Kem-J4wMKCjFDe_FqEisLR-enOBoUmgOYEn5BKpra5h6X6r2J8kXomUXBpz_biQnUmj8LNODrqDrSfuZKZpBGe3wUvUaXkae7R7KVJuMWpYZWfyRZ4ySZLR9kcv1xH5CKjWjeXXmKHpSE7CQplzICPGZDj6azeIng_Wpow5eKky-B2_s2Cb3INSiHD5EU3tVBPIGtgOE0M0H7guIlilXfatYgNSSGfPhf1rjCxRIWDf-xPhr7xDVUMpEdK66uYmF1-fvkUdxr4KKeyD7tgoWrcIT86CxNq90A2Fq4bfNcmUHZaPuplyaakX4pto5y4MogsSqKtatHFg2WNaRHVN1ztPeT3WMyPwyNFniUBB-bPtbJPyHYHqlqlU99QRpWNfaji6QvAyScm21o_HK40lzk-QT6kq0WYGUF_4fF-Bd1MdSM2ea98WTHkbwFGeDrZLoPDqmdrbuHvtXiFTTB5NDoUcy0_zD0YUfR7eife912cRxIoAO3W26UJaRoRUeWkMLCWFUjFaFqdLJzPUFmvGSvt-pSILO1vnBWshvjl4A8jWul5swDrbSj8fP3eZNRsq-0CcDznNkyUP9Vfz0YBVPNX2w8wblUBGja2jdAStqe-a2chy6YQz51jr_cmtX-19LfH1iLD7fxv3sM89oz5S2b43TE7mKtBiI6bAy9WuJkCOebt3mIaLNhVu_M9uN01qmJml7xtrpNSmHN52X6hhe9bnUuPThLOkGjZ2F6w6zUvWRXbE3SuRXfaeEC1jNCk9Rxzp-odXUHNqk36A21wBZrfeuZe7vcaP1Na5vUwbFlPZfpKbfW70CFJmD9Qp9nl3XBI63lXhKbuVkfhI5mIzUL1m2LfLZKUTN7Laiws51aMtK6pQXTMq8bNsw-LPrmbqalZVD-uycHpBePi3j1ZstN34-1OZsoyzBh-9q2qnF9a51IY9zMtWhRJrPSCFoJct-3KRvkRl7MCjs-JQrtqmrdwG180niRocBn1YBUbh51A1f7lbeB98O01Y002GqYGEPPoJoy4j5BiLoT754xt-X-WEnCb3FWY84BDY8Wz1Y6WoCi8he6ulL2-v-ltb_zCOM4oDa_aEITbP-TJ_jTc4Wjp1dWDKhsxYO9FxvuHO-FqR9U1_poCm82YOrOH9c3_OaV0bxr4L3p7naEzbynKOSxzFNHNnrJUNOLsSQKgyiOIc1xRk4dnoO8WiTuf166NJ5tKcRDoKShMnEYWE0TgnxBE4HSBtLIa2zVredGpTk2jNvzQxDy7uvW6lfHs68brpHg7PGKY7mCcY1I1tUBHIfvhFXsWhGiNv4WukqPFIKbtFNiqALxKZJJG6fqA0EmCQKu7U3aDWYjnt_S3z65hIpleAuVJfceOQ74Ib1ssSw9tlrTxwgPv45aGK0S1eXwzz8LlFwEZ&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e64122fbfaddb159dd1afc0f21ebd44d1364fbf912f19fe9f6cf89e760dcd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14414
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 493A 42 B
63 B 69ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CbzVlQDEvFMaCI2l01E1Mb5WngsEoVOgnZPiugTueebSngkks7sL0kVP3TOFY8zHssSOmMgVdM0Vv2T4vEXtR8mvOK4-92B36nAAGL2ejC9wysH6g

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 493A 2 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 493A 123 KB
37 KB 198ms
198ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 493A 14 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0787 624 B
300 B 52ms
51ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVXK1ZRIB41UDEk1c4pq_fTL8A_-2QYmiA9BOSUtpPWowMUKTa2k6WIuPPdMnPkZU8h4_glcDYL-uVq9BJ5c4h55q0yQiRjYFv2vi_3OntL5ux7JpxMMWDjHvu0Ud9Uwtys2JahnTssOoZzrrmNEGgpr0mijC1VMY3h6CfnV0IDMDO6oX8ffC1qYugjGdBwh-BErIIN

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 31 Jan 2022 11:42:19 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 58C5 24 KB
14 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3aMyodR22hysZTmGmFj7Otvqj7YrdQxU6fygQ5bA_rYr0VY-9zS6bmkQ61WOeCvpYGvObZkCQMddfFftFMNV-teSTFXmDRbejXSJMLe5HRbYVv_yoR8v5DUwI2k77NM9TRKnQH9k8bg6cvMRhyhtKIzjwyw&cry=1&dbm_d=AKAmf-ANSD-M8pp6Hzs06UXBetNb_BteVC4sQ--xnSEz91odYwSwtHWJBUJNMWLoTsPeHZz4lLGMxqj4u9Wg6ZnWignj2VZPmuL_sqlGLiD9Fi0xh_EvCkgEXLOjenMuShVV0UV5FHEF5UcGx17Nhh-0olJ0EYZtHhElsqcreqatYlY4dvwHaYpJWlyYrpOGe11peBzUa0447Al63-LiTF-YUPFCUkjv9P4JS-kgJfNBTmVZWUkWXScEmiUXU6qo6xJJUthCfIob9mHpOF67dL83tLDjtrJFODFEkTFNksvF1mti4F-R28ppJMmkwRi2Qrt4HhtC0S3fZAsaoBMIWmS4KSmOfwYkxt_kEuvjFuCo1XXUMUo8Zuii6t9V8mpqy0twA5fVyJ10tWRQxtdb5a-TDKl0e2NBSwA7nMRHatXux0KsVHGdoN0u4EMuP6fT2KD7kG-wuOddgY9fnVUSFI0wXPI2gEkHvMYa_9D8y8J6-JqLAEjNNWQRKPjHy80SdipEueI0luScEVAXA846at-uPyCRF6Vvyu_S9RFr2ll12qfrAjc5n56NkK36SUTRhuhpB_i4Nv1urmpdF_77y0yT8o_AUX5XW-xKfr1zR5BOa2M0wLvK3wwppzueI-uNs38reahAzkJWihAqZeLt4gKn0ue1z5JgVJJTq4P3UZpudGIDx4UTMY8Zx8gk1lp982BxPBaU-2p-yoOxhKM8taPgknNzSKyYRdAV3Hx_XLtHZSJ-xJuUE_pbmaZ33EGG6dpPDBebhELc5JmvkGoowTffriFUFNq3bulisnHPqVf5va6MgrgqibW-gMjo-UYrqnXnO0Bdy6rNtbo2VM_uTE5Hd7Hd0eHpw3ejXr_fuMvdM55WHWd54aRvKQeBH7TgluzlhH4ouPQWq5riMdPIQmoX2rEVyWGpQo9iD2zoQQ9TiAaGRB46zvQN3Hd7Vhgh9Ri17zwCDO0WlAILuGAK0wwS4GBcUBhCqFOuMj8ARx921ckB3wxHR46PZWvqtfQJBCHL-uz-XEv2eMkzjK81kQ92Esjkl4RVf-sYd3JP9SVbOl3vHVu7ORwLp_5IExRG_XkDYWrfS60TBV4L04Z2gm0y1UVrCwsxTcieYx8M8nFXI5kV8AuLhg7KI2yN2yaLkQM8rLmicxDZyT6M5udf8dWsYpFQwjJnGFgSQIkVncNIF-WQJYfJ0Ve10EZE33Bi5iL0aC3-3IhIO7Vk6Z1NwDsBLztiWLEuD_L0sHDnM0qocN5vsxzFEyYpHnYywQmDhHo9BaE-oN2Oq8MppXfv2NkM-jn7JPlvwM9S0urucW73lbyBttooG7YLQAZq2eaknTLT4G9CH4QaewtAAs9fcbBpMd9FTCO4f3082l6TvuJdTtr83xuP2RQxM41TDo2k0SMO1QQ9tKLgSIq_mwOHtuSAis1No044ljtUvF0a5scR8BQWrbi0UqGl9zxstvw5p37FuPkCQCbiHIbkrgbdemlpjxpuiPooYSxTGE1VXOFLLR9waRHJNJG6Z7m39XmczhNJmvPhb7dEXm3IXm3urqjvBw2005GAt0D1qaJJ3rVBS4YcPBSvlRVkMLivyETKQeRmLlOfDI1_dRWS3Z6yvnn312N2KF_jaAaAjT3bLo6rz8PXORy7O64QjWWpp5xmR9m1wO2U079X9NH6AAOlEv6PVlwpLWxBco6ROTmZPngDXgwkcYUCdAhhcxT8IXcE81Sv0g476WNtEhvf2ut7Nug0uY4uyRobFzWygXLxqRQiEVlxLp-t9HiH0TcmkIF7FtD2BSrqTzXYMlemfUVj21th072HixKx1-728t065cDP5pl00g6hVmXfwhPq6S4hziIabvYyuqN3Sfw2CcoVXwuz8VGF5TGECINlPeWkcttJk5cgUNNJb95xlQP_9jrL4hVTjfJpQlUlTHvgZ7xPDoFmaJDcF8MP1LgKUR5aCRq4XK2TOEa9Mk0F7vju5-hqubuHuEpHoX7taxpMebp_erR3EtcY1w2rKIAgGFj6IZ_yy_0OL0CMc1M8NJ0LBs4eCIC6njlxAosvyJHHOB2qaOSYedKstqCrLh2M1CTza24jL5cn0BC1W_PEWuNPXNQQq8rvxv_cXgBuMWIPqMmYSHcgx6Esabc9ko5pKTdBPGQYUooayDyeK6qhv5GAac8rmNBh7epGZCoZlFqQi7IuQP408lnG42WC14zj9NqPfKEKWVGYlWVWoZ1UarcK4xMRcP3HRiijhAM0PXXoZGkoNUwLLZZ6lL1JEOTv_S3eQ2dD3qHt2vUqGECI5IMm1JqlWObdnvrpvSSAT3Gk2qQd_KLP1rjaB6XbxBa6FvDs2rnpaEKLsqnEjB4gvG-aZC3EmlGk5rtb4SHVZ1544kjY54Zumg7ovAr56NqNtwf1A16_Y_L21sxXM9pIduD7ifD7lIZlvs0RbhuseNMmv54DYK6jwbwwyt1EJ_DVBVb4CauwAxJ3eCsduu1KqYrcB04PUwGWMmP9h-eKCIHEnLUvjYpT78LAr8DC_5yQB8fCHLG1NFEzpgELsXbBsnMrGQ5bGL-W_HGPeH9wCM2psmJsDwKwd6GwNbMllDOMHcsUcoiW-rErK2ExXbX2PcRSE3UOlyf1Vj9OtCzubw96Y3GMZSkA8haAXi5F4X9k092igYuFzdicAfK_2ZMTaQID2T4OQz7s831vj6xdxq4eBidB1pVw1BwAHLyPqNYYlW6lVQLwW5S3kOAk33fxZZojtmDYVjdgCCQUJXYKaVvQe_pduvJZvkh8Yf4zwacuWSOSrVt6VokuFmzNvAo0Qs4O96i6aLl4joaA-qIkreUGVnWhpQ_b3sodSYK4G5bkVtsxTY0CJdIfPrOiKXSZ9qkPHh2QbTBY_YrTuAXYPy0NZvYSWscQklykec65scOgLXb1U3_3zRYTU4JxMrKhmZq5hePmWY5Lv7GnJsd3jUfJ7VRKQQe2IDuBVBg33uAOOU3bXAdcbaFr_fcoYxfUk3q_W5gcf78mQe2AgNutw9l3-d9CE6u0Fvn832ytmrHW2ZyPh8KroVsIR5Wg1dEnvUI9vXVLb911A-BcAAzE2_qNDl6okmF141PBJMDUO40QiUY7ysueQiWskhEjaOssVNPvtsMy2f52wa-5b1_CAGBBuufquuSWQ8QfnaWPo9aFDc89F3ULh9nmZjY4TjLbqXlUHbq9fNWiV6jReQc8FGD9H91D4F_5gAOWkhvckg&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=2%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a99052e11a7407510294140ce2aeff15344fa7ff4d1101bab22f0ae02a593f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14457
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 58C5 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58C5 123 KB
37 KB 184ms
183ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 58C5 14 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 58C5 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcZNgxkZjLsAqiFJXCXwn5XkBr1tIDqQa8ROetpT82mvToHPy8L0YMCzdxXJ89nW1I_8tHph2jYgay2aY-t6rMHwmnuipBOOY2ux7UyjLfSOXLbuw

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 75B5 624 B
300 B 54ms
52ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNW5ODc9B76EdEyVE0U8-6171AthR9ksdZ0OPp8yCwW_yrOMbG4bBtSOaCDzxlws9pMFZ0mciWD7vclTIMqbYkxhD9Z3c3fsCkkAjwgQmZvy14LlX7moCGSvRMmlesuTtxTojFPbYLup5W1dmG-p_eUnLkT1P0HzOxU6_JoK4ID70Lny3gPFmQkp7_x63APyf1BVDjyD

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 31 Jan 2022 11:42:19 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2AF7 78 KB
31 KB 113ms
111ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUzLLW5M5KfrUo2NT5FgaclSscjUK6GD284VUofljiRCvAZpGGjeNCuiDQRb5aP3yIU1XdnPufwIlrRw3LkSdFXpmhe-Fm-UvXMFoSQXqVAwbnDm4qeobIJ8gV022XdGry48U3zzTSy00tYyvcfG48RQeZLA&dbm_d=AKAmf-BpsPaieFYM2TJCEnQ6Fv9tjzKy242frGlayn2um6TAKQlxsp8_24uVKoQLcV2Lo3pwPWacEw_4NyJhY3v8e230m9BlMnTd8_NPs1z1uovBJQden7BoN5HdftXRqmFixMZtF8ZNot2uWvSU7ri3dDw75pC29vPcONkYrv89J84YCU_Js6QpmGZpazOU1XJDS7sp8_wpQjpqTEZu2WplMv8XCQl1gnzC_JbjVrDuz4w6tdFbGt3wjwBKBj6HJgeDR6q3pSLV556lmTeMoqobiMwz2Uj5ikwHDlHLKvtdRwniooOKH4rwVhZIxgcqXLR1s0-FsI41B49GVQfg1-UH1eXQZ4T2VHhD_kO-25wvnitLn_ZfItl7A3kcmXDwT91Qfn-TZtUzOzip1gCR0esviAOJRcmyBJ86YtVHt3HC5LGZyqbfYt5bd6u1hRir6JoG2RN8_XV82yMnrCFyn9erRKOa-P6RgcfLSjzUw7KichVe8DW5P-NqhZT704ktpC_GyLVGp06MJ7etPAOE6cEtPJoB5gtFKVYr9YGEIMcceMfJ4fVMAR-H2-DXrMG54IotOMYXeKiKZR_g72CTu6DCmGVyBaXTbEMmidB4OIXKLVoeLEgEkVv8qzF9o8ypNzCScx3Jo--Awc6fCNZ503tG3X1zUMDo2VoCdRMBYMSD2WbRQzo9wgRh_7A9ARTZsmUnMC-XXNDi_xiexS2Dwc8FjcveY5Yq-7Uk9PqzdMS0LavzVFVegXU5qO3D-pRYPC48M_xpAelEKdTX8pyGdZyWa5WVpNjfzzRRvczNjaD1XcxEXBAzvCL9L18_d1-PBC9_7HBB1nShQS_0UmY33baXCdqb3h_6DByE4bRN0kOypimYTjdUdcifBTuW1DyrDjAVvcVCnujTCmijx29ASBScNESE2c0Ur9yBGRJ75zY_8lXSGdiaGZOU2JXrfvVkvFXfPWtnWjDOIQUJ2LZiQVZJO7TXpIJse95OAtVktpJHO3txZYELP1Rb58Z0Ps9V9bpXkVr1yvJDrFhJ2QdplwTJ0zD17yXr9PfVAqTWvT4VwA_s4YY2PnsecaYeufzf-Mrzqd9Wt7PBijXNJ_w9-1dqcZueuit_8M8pa0-43wd9JilkR9POX0rDGHr3zyBAVD41GNUNEeepdCtoc6LmYNCC-oc3t23AvQlLq1tYTxKOWdBspUWqTyZ9W43sORQ6MtW3R24bWOrgZWn4z04fPM7dYunl9taBAVMqcBU1icRMRtGLiTtZeDwGe6-Pw7i1BIQ23FKbPEOwlEoTPUYz2Ei0AjqshGrcQ7wLBO7S7kK8Pv1Vwo6SsXJ7Byjpw5dBTuzPL-pVqQ05UXhtCtb-g6uiEtyDe9JmRgNI0YbCCHFOA0UdD0Jxhup9JUV4AF5iIiHlkOBIkJoJhtmoNzf4rf_26Bpg04nwoPXQmyvuW8ejzPgMGSp9eKmfv_nAR8leQc72dpbA2_icPLs8YjsWzIWPrqmlvdNs3Zi1KvLhHfVWNUR9jLnWGMEYJEJFMCej-5u2wFcbOpYt_VyY-9Q9K8JIy5qZimeCpApF1fvT3b1gc_LxBRAiBjhgabk-7MZswcsyTln2h-V70_sCuJNaayE-_rEUas21mf3r9VUvvx1yNmz5efrEcNdcHkii7Cdp8JDK2Z4tB2ol3ifJiXzZ9dG_52M8gKH_7aNd2s5YL0P7mTcSPt0S9oKRiL6w9jhZCl7WhxGPd1S89b29tvzXdclltfQXnt6zc1U8qrofif38nnhclZwhSW3fM-h9znwZGBndmW064BT5lcO3QqS-MJli13fC37OKyams4EbSbJwly3N-lZPvX59SvPt2zHzRG7GN1SdCdKuwx-Xl-af8z03y3SwAfnGoQUKC3_yz_mtsU0IvSeGsZaONRHiP9gcUQhp1Z8OsbVB_a0E5-eO8TRvz3ojoDKztlxRlQSaW5sZl4604jRqq2DWluN0J8nrslUo5fs6esp_1-_8rMbaJ7D6RWpQwd1VtT7t6UiEAuLDjjrUdu-DZnSbpp-4Z19jRjA8asDNbEbeUqqvlDx0NIeJLEe_xNGERvSrMZhpzyip_dLrM2sLDS0dbicz5LXY2Bva_W8bdDt0dj7kZu0IDIVZhd1MkXztWiecoYGC6m4nRwOQJ50Z4l7b7sOlrkkTS3PW6VhFVdwYPKZF7WeXvB6Z4sGfy42vdpw9F6J4P_O8VVBq5Q8qPxo91TeR9GHE0XEELPEaabq89lXFe8L_hOIJL-mwbQuxxCR8kt-ItiYJMqzTCPRwmHqMeW0XVTQSajP-bLfnVeb-FR2muysK0uTKFSLFfOCT-Dyj-aZUAaBZjSA4mFtVCvSY7HGcvZ3VSIow4TyZwEoNI_0lNkNS5H8oJhtsL6uwR-M7Qix9n4cADvhscJQWbn2Vk8FkGto9zi9w9h9-CDjCZzpQKdnC78uyZp1nihn7PqDsfgG_9O8-kaIvIPr6ADPz9DyVNrTfVEmMEyAZkYZAZRkhZpJHRcf3IoFyT1WkA68XeZpeCpCkS3GpA1RQBzKqK0jWFZ2XbGm8JG1LFxsBwsakVHIkScOt1zLiKhbeg1xXD6dUZWd6SFeVWm5PudeSYjVdPrecoW4EsSKklGJNqDTSXN-CJEFWjcqnYsZkweF6H6-Kn01yNMuUlMlVSA4PKKB_2rUw6YtEfVg6DRZvAvRkclTMev3EBZ1hB0_ZUHLcbcCykrF3Imy_R8aBJSf6_9Bc7cRaSCRtX5izwRYS5HvoALI3mQ0dy99sRehZul36VBQxLPRtjJUWj0LxlqB8eGyMaQljcz4NZSwlHnb6Q8QPcpsfojPx26aFyEdvAcgqErFYQxedhfLC97OrzH4mQf1zAZ1OeaXp7yYv8_0I4x3f_-eGCzwVfBJshMC8GjrF0x9Duq5SSzZo5ITuQVWcwumtdJeeLbOIKYl62gj-rKitMXiN0UMV7_y6mTJoAfLUiyoJ5Jqih7Mr1s0cbVFSyN8ak75O8h1AZ9COMgMNLtFpCdknegRE6w-TlRilRzY4Bra-0nXE2mWCD69A96j1SsyKG1e8_EVsPO9P7I8C7zfoHj_RfE7hNKFBARJWPzi6Md4dM1T-D7u6ijrevj9gXBoMPrhoTjYF0XlcNhsoR77xDY1QC5kEMXsodIzmu0A&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad10876fa6c206343957fa046e8a5394d15365f79bb2beea08989e4f11c7c5b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31842
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AF7 42 B
63 B 71ms
70ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cc9FMfmfl_WHf2V5J7S41DheS2IV0cnm9YIWka8BdC2VkuCrmGJ97A_An9HGeZmGL49n0hdTaXNHwXaf8sU98oN7Rwzd5EZyl-0-W3et2DLdGXlYQ

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 2AF7
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/907318/59567102/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
481 B

45ms
6ms

Image
image/gif

2600:9000:223f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
age: 15362865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: kQlPdnh4Yg6IIp-Vngb5wuw-SKs82AwlUwnGLLnjEnvOrmHCAYAXsQ==

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 2AF7 2 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AF7 123 KB
37 KB 179ms
133ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 2AF7 14 KB
6 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3913 624 B
300 B 53ms
51ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNX07ZwM7ILGrcq2XF6iyo5ogPcNpXgQA7XBMZ3apACPJd8W9LxbJw001A9gtCFoQtuKRhT0OBFsrbp8SIOn77Z-bN4_PJQJVK0Z4WfYdiTJyYOmm-9fA8OVxnFzPszTYI-pWvimmE3Qa63UjKjHmXUocYQ3Ev6kZ_-quGdrYR2zEL_ut4hacPQDhOI6aqujZyeEs-YG

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 31 Jan 2022 11:42:19 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9A12 25 KB
15 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5NI1_I_4-3h7U5rrkVu-3e2F_58jrbh12Rmmuy6QtYuh2Mdcr1LpF3IJ2D5szxfhOKuHOkoZvRL1qvs7kICVFTHmt-9BxR7gnBWRLo6jVw4ySON-JbFOl9nJiXIgw1o5N0-aw5L_EIQxYLEMJ8GwMjhQATw&cry=1&dbm_d=AKAmf-BFVPXn9XgXm_XTH3cG25RSg_S6ZRVbno2rHdVOWInmJkOZbE2-keLe7NUH2EEWRqMvG61qoLeDB71kFLYid4bc4yu-I6khh9gN5Xs2FEH20hP6i0NriTk4WImdobjeI4-RRq7V1F-I8AMfCdS7-gsyvVghcmXpy_q_rmOUYueo6nhJolOH8oLg7swxX4BL7ICKgo8mpuHt-pdY-Z4qd8NJkuVLVy99m8WzPt97gpnH2JAwkoEhIodAUySl7ttdVbVnEu6q02UlVxEkc0xx5EhPYsCpK74kZeBaSBmoYtkJGzbVN5Q8PGsJ7PaOrH5fdybxet3FivRAYreCuRJG3baECUI0w9-J9LLbAIDUwbqC09PZ6AieggPZmYOVK7703CwMyhhJTFFZCNFi6AgqkO0g0jBQ8-t5jBFBZ9Ir901bPGcqGXVwtAwahsQxHO_oc8-A3s2U0GQS_Gqc07AJ0FuoOw5ktZh_WhO9JOxTWSy0U6RWEhn7DPhIKO1YemphlPeoMZwFdcdDRJDKB4Y1BTM0-HFeIa3aDyA3ViM-ilkM_M6ubYMJTv8dHAN_ph37cnm3Vr26wfG5_1_W4UJzjUq2qqCTttAPgGKEeZUQ0s-bE4frX2RqCf_490_9nUXCZk1gGLOnHXzjM7uc6UNRvjTYmwVybzFyPlBwvCutTEYrZExfRWCP-xYBOY7KzYmsiaxPyk69IJHb2Vt2jf9FWcYxEgvyedW9oShEv-v08LDjsXiH-Mpec32JXBPPxH8Z125e9x_RlEzGyeHd-Rqo1aJeM3IDq7kdZpa0gtB320Qbszio36ZLTlPctfexS_Cgmf_h2ZxFU6pvi_OT3lfZ_TRrSDhIEugUNRiyLrzdGigvqS8gRsTKL4uw1_LyQ39MeSroGyB7A--87V_TlR4x7t33GG9W6WAfCS3hP8tEwcCrEFOrJgEKPd8pcRv4-VJg8nDpzORxsREu_Z2FMqO-nJWCxo6VmSeJLFXSDA5ch8TyJ9qp-KOJYQ80YKutbCAmubOVfjF2NJMxbtWj5jeTDG5XgKDaHTP_gLa3AgkButgiZUPmW_XGXYBT1FNC_TFLF0uf8v0sT4mncUYuFFv4Fq6pGyeoStgglpNzdkkASpJx-IpiSExJZnd6DTyh886S6BaSc2PuKu-5YHXbZib8tzaxTkyeD4CYVn9MJoA007GS7Q6oZMLQi61RH9jhOzgArGIh7-caU-42FDVaFQmitkl-GHtlSyFQseuiNfNddmkmh0T3yLh2MDbcsPAaQeCvU9Sxn8l90nA_u0LvI7tUjwXzPx8cm1-jA0OGEtepARRNjH8eb0Xlcoo5wOLJSLUpaMHQnw4QWLNXQPF9RTvipHoHLFPKeyRckkBoklU8NhJ5hkK1--vu0iqGnz-RfPZfaeSSLL2W0FW8Xw8m4dKAuoDZfZvKO1M1axDmUX8uBm3MvgedCd_GPe_ku-hsdqlI9P76gQLwj-rc6FqzKyAQH8AmBj2-BElvG-ToDThK6DWXCLu8IhBJ92aZ-L4AWs_UYC9tkBlQLApnZZI62UW6_glkP-n4xSW6htbFp8CVd4NbKqlCF9kDvG_2bXSm_7L5z4eHwU7QdxA9JkdiLM2uzx_wofRo7kzLBK4IC463yvgXX3UQEV7Bc9JcpwwTA7ZNgjasu9bRRRewPCQNrYmIEiWQPJBCXjcCQcGpNOya3t3lBZEjZM_tS5c60ndMapHVy90kEj0odNZjtCuRv8pP0GGW4u7-bXdOkjR_zLm2FWSlLlHF1NHvBIqcfNHwV04uKJmoCVTvBibj3CgHtCAGdY_qC91W8Flr8uh1FPM4EI4IejyNV-uzHAbR2R_FsyhEF2tcxbqNBbcHvTd9cMD5tKERTs2docAEms6nKtfFmiAB839KrNuL-XP6HdLKVQjyRkr86INlWGq0HZyYixoN4LBK6YdoK5AT53_H4TylgjX3xLOC14zgJpKXcRG-ALsIBDXtkZ8ci8VOkFEm5_em_2te12l-5X7UEEY6pHwTrPnUUOWCu7_6T4DIaRTHP66uZNbDDQh2wK7KexC1CWPSLaZ9ZTDPJfgK9KHNavADJptPi5qz3OwG7QXNbB0IJIgRUAzMkFRuqYw9CfDDJO_xk-xxNH6XiNSRTACj8pLggONi41ixgScNULTFM7sDI-Y2JNcg3kD-4KBFOiBfPwm4427Ra6vAdvwl0Ju1ZzBjeWJSaM-pSAs91ibl2T_Cu93IIU1CJ7klWM-K8M8jg4sD1_W__OdzEvxkTQjWG61Rr0tptFJEXGZFJd5wPDBlcEzJaSTN3alTSzn0Ep9vVMPovXdU27DTh0V4l2NTlCepBDSb_ld8IBC_ufHsNc0PN3U4nsSwWnWAgXL76hYc53xKpX5seihkFnCBK2shfxDQb96_Mpvh32hxldQnCA6ElxawSR-NMtEta8tas65XZOSZqvsRQ4gYK7ysK-M_X_pX4PkthfeAS795wjkbZxs6_zPsSiwyERFy0EJOLGmhB6CSB4xUjJPMrqSrHu1ARSOQjUgaRYcOC6eBjMmF1o8ZOhP3zg-dGiaHmoLYEE-55zbqxh50WqQ7JmI2-WZsW9Ni4DvBTg_tbNYCQd-uTMWG-D6FVp6_j4nLsOaikn-VFsdLwVHKL92jNh9_mkJ7OXBDZg5dmTexiy1UgcPouPhtN31uVENuBV44r4qsTe9T3upkgOOaKfJC0MW-Gwn6MoqvvCfH13NW7Tnqxsjz3nZ_bUgHpScaZfT44a-AIUhPZ-l32QedWdEC7tZ4OK23RocTbu-sGi7OK0gh-XSKklDVmFmiKumY9LWZmQar-YWAU8hoHjyzH7JmOscPmf8wEDVVCwgFxHQpR3euUj1XmGbNXrZFF8xcIyBOJ4grt9QTLVy7nLfwVwnsJI6BsyuVSR7x-1I6BSwya8HO2GnlT2fXiBARk7AtckksDSX7uU2Dy8MOc3NNRpAcFkhtCHK55YgJ88OIb0JnsptTK1l7oMm0C6TrAUbNEeytR4qq-IuD1slUvgub10hCS84ypWMlWyNxKz32VCbawih_1CYhbVOrnIknbXZJDVOBA0K-ZFELDutj6OVuyL4PFWiSomgnlO-xhf7mZZDM84dmNF_6iZtLsJXcps2GmHbpO1Fvwrmjkor9ge_nuXaRaz14a2i6dgh2iviqnipzqIPJ7ZVvY5K-XphEuNQ6eP3j&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0592b2770e290ac31de5709fc712ec5e8a558871ba441cb1186dbf25f82ed9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A12 42 B
63 B 69ms
68ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ddk0l5174d7NrN7VwevjE_yFnODGMNp7PIzyjAYE-6KpZjIL9gIToFqfuL5RbkNl57P0ASKOUGgYoMb9psB914gVubG7jpGCEHR3NZs7j8cS0_xPk

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 9A12 2 KB
1 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A12 123 KB
37 KB 193ms
149ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 9A12 14 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D53B 624 B
300 B 54ms
52ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVUS_EJOH4FfxTEH1hbfciX9SxIOvDvq6ZIwfvSMu9JzAEypIE_7VMSgxlEDBt2AOjy3CSe8rjpt_avdBzmTWBJGDhMvn5XkaeY9pqAdhBtawgrfWDrtAUxKRp2l6qUQzFCxXZs_cbAN1FFImOA2pGkiCmg7YAqh28CnbP11s1Fx7aeQp9OMIPOGbh3379drmE963Lx

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 31 Jan 2022 11:42:19 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2E7D 24 KB
14 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJQfkKbC6Gqv5n_wRWnb97pa-Z2gR40_YQKTcZmOiCRfOCNsm-923hHNtUQWU47u6_wKdisWlRZdKh9Ig6aViJZTZi2bml-3drbdKOSbSSIrr8f-1CF1xJtQLIb7Wx98sso8le0El5nKx8nYK-Dl92f4mnIw&cry=1&dbm_d=AKAmf-DoivGqJgkT9Xf87lHTcJoxKxn2O-bUELHw5Hk8JCTY3ssmAwglyXED5SvL3T6f4npETsBi7MXegAIv-EXZ8avpfLHDg8mjpxCx78pJ3wGWbvOmMF1GkHcXLf6hVqBQhBsar6gcnej_pH0h4SZI4Z6_tfy3fmwa2KsufRp8kVM0dtQrfmISZ9IVNeNb4-fyvHKCab49cc4yY0xoIA11vyURIspY86gqYL5hyiVRAvwSsb0laQFMC9oEs_ReMhnTj7PHuN_BcUFNjyvoWBTDpZ7JMGXESNjgwVWFd5gUJ0CFQ2QEbCRRifHtJk-D9mEGfmHA6vr9vUT4Y6_WRRn3RkjtNkyuiYGHrNM63XuXOB4vMgZsTTH6ZDWdMwdJM9QVGpTfXMt1_n5iqfk4lHHSmXCe4yJYkLtxoYBw7FDmXByh8qyiHjd7pBZC20u3MY9z569LliACWAZF_WoyLTWyAe-6i8zdYEcDyoyNZVozxI2sSMgM46lO4T7Upnjyz3ayh47PcUixEMn7xuZSjOk-qA_UajF3n_edeqPvufIZv-nVg8SIi7G9cTg_02OahsebykxH-Pf6zjk5tbV1vKxve75GGzUhXjkMZZxyGYwoFcPkApkGSNiaAfX6WUEWK6PrW8tmCjmloSOLSxKT-TMwYr465z1ot0ULWylZnIeSp6BjLQ8ipP8f_63aOCT-_TwHgx_dh9UcEmlnIKQPbPVnVJd7AJtSRMxGstyHygKNWl1Ltm7CeyMbuUQetJXzC-BtLmiAh2ncC6UzB4Ah3GToOiMt9mRO_OjW4VF6xuesqT6dr62qYVUnwnsAheZXG7GAGU53u6D2557ifb0U2wv9hlODsT86UCQYnSkc_lffscEc8qdruWPISsnr36ji5U-s-WR_QJYvZ1SJpK_ns1bq3n1ad6hL-Ls85U6xO5K9yoDY-xRN0QJ6-qO1p20KWQ-nuA1KOt_TH_3MTAQcga8pKWq4GwncO-6rhTbZLVySMruHp8PwIrbN3FuG0-HdzHNTOYhT-su7sehKqAGbUXFMGUkdK5s8LpDI1EXb2RY1_SOxl_9D_Kr7B902qr6KnmWkesnNCF4Wp2V5X9jiaUSSmhFJNnnjqAnFNXrtCf9FHPLqU-KblPMOF3iazq29CZ-kMAo-Ys3Mt4IIHOiN_F8SQhOatpjudzND_ymgCJlhVm7QF2JUFuBGLt5rE9OqwzRP1nS7y2467JyoKMjbTXn5g35Ncu4AxjGoDqygVeBClXNZcButix3hxDrJWpsEtXTBm7Pzf0h3V75B6YPV0tGqtMyxHf69dx6dIgZKu9oA_8Fz11MrCujMQnlqHswGTUihTuE7NGWelFImIjyIyZjzQUAxY0D0qslLQEqmZdRU_OB4yXbH3nTQwpGFDIEPtUBz_R-z34rKedqZ6kzOCBcLOxg91tJ9oYBK9VOTfaiu7vZ6jrRdNNCZ2dn5O7fm6wvASzPaJBcvevEwFISdavtx1lD78S8eXx8lkfTrBDedPgFp8qyTvdeCydTDbKQR8AylEIsAiiSakgS0qKfVrOilwv5vAIomcQ3baAPd4PCqzNCGsonBc1AqGJjYaPMAshJ-0A013PKNgBPaaCrfOv5gmeKjRsFD1YOOJSf0z9c5pMYKS19ERCHdYwKHIMbATBWLf7L6TEHiBe2AjRAsEL3w1ter4h2jlU7uGDSnG9k3IzBJOFH9oxmerRmPIWU7L2wYPD-epDkC3TbxREA9G7ngCXQkQszI9tlfNLW6XtzMqp8LQEztxRQJZ90f5tpHw-ZNhOEosm274t62IAhdwAaq3ld00D0FF0vjoLbP3q1BpCgbaOGv_zcA11g0EyPkp-FF5ONBpZjKL9h7HvaKxLD6twXcrz-zIm1CpzGTVoY4A7HXd-PZFmkoXdGUH2Rc4tDHXCK5RRwFVU-qFt3UO5n-OzxWh21JY5tr7mJWOOrjDjcmzsrAbrLN8SAn-6QB2GSjYX33z4dC9U9VTV1KAehznmf7GGkMOLmZvHxcFMaDDniNJu7tyYI9ev0E_zLUAbqF1Ozs92eA8DLmC_zfp4yZFDlTZ1b37KaCii-C9nOTrDE_GPkrhWYTSOKUiNngTkBOlaRWziRlIKqTfuTIoh2Y_Ug16ZO-3MlYXeDPxR7SKF9uLBKuTw0j4ZwBaY1YwUQ1CYzIIzsbV85jOW3tBTBBqHHJIQf4YKAQClu-sQiEK7rYnppcdGkqHIre3gR_zAZtxZwRelAqd3B-0dkvpr9lRpNAs8BSv-fW6jYiidtxVj7kNdNtUcQIYc1EmShcBBU7hiWcU4InzGeNHtBVJ4ZUbVUJa43Gd5cJ8gtOFLsG5dDzuwKjeFGjYvcEV-uT0LzgqZYNWbE67eQj0ww3T8tCqI_jsZgBc1ZTzn7G0IqEdXADrOtxCz58QuuOH0BsPVgCA7nN4voNeKQkvdH_4B7-7XLZYeiczvuZiWld0HcBvmFh_1LADXdo81RzUcDEl94PvyR0z0eHZqQG7dZAXP2rOMDG-jH_OQjcupId6tfOYM37whk3M96LjBcVjcrb91NRyVFyhIdbvi-kLGYhRla9aSgBw1VIEEqjBP2g2SyHfQf2flWujaWMkiVviWOL49VwUl6-ngiYEGE2VULN4Erb0LUuaZaEd6q2fc5w0qccYlHS28ehAUOgVBiMklkKj9xXfPmhcPuGkCmRUdF6YEO7Y8THNm20L2iyaiGNNQNXK1T9RIiQvjINdMu2N-q5um8MRND0B7r___BfrSbEEvYn3382x3NYQ_7n1plPMMJUo7_dJZkch4ORb4fSv2proaRwhOJzywYPGHcSZLpVrJXB4R1VUgAjcgho4UGh183z9GwRTMB93B4zzqEc2mWTq72kgWrCbWzrYLNZrk1qHWNCqhwxhZZcKgZmeYEXf0_HJlq64ube3a6v61qweeRnu4Alu32OHzdtJ4WaZTY-LF518WtOS9ymnx72mQ3-hivQCrbsnOs_z03dMRMHP792l9xN1fRH3p1-xauHa2AjSS3ObDWvYQ22F9l3dC8Fyzku7qe8dkC2EbdXrbRSKd5j1RWO28Wiyesjv0x7cl07NcRNGMA1wm9Zr2gBVUbBxytZQbxA9VWpE73CL7gEwvjADdCNJXVMSaqQhKtNsUz_QeWJP5exCPmDDfUt5HZG1mxSOfhGFRW64SMKlavwJLkFCaO4YCrqV2Vb&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5417c4754ca14638867d4801117d800020e04bae3b9a5d689b643b5f33255011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14471
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E7D 42 B
63 B 71ms
70ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BgfBzj80GDXkEKk2QMtrUTDEm3T5rpfdEY0ejGxPmBgzy-m99v1jyfntDn6AVTeRY0WJv8bCEYt56fmyVmssLbKkQYCdG1BAj6RtM1ywo6sGIm3gE

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 2E7D 2 KB
1 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E7D 123 KB
37 KB 175ms
134ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 2E7D 14 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:42:12 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D672
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

87ms
87ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 31 Jan 2022 11:42:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 11:42:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 31 Jan 2022 11:42:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AF1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFX4a580j5gXqrfXVwAMqI&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFX4a580j5gXqrfXVwAMqI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjc55C_ATAB&v=APEucNUm0jCmvDj9cctZrlIutssTgtzK7T1XIigWA3v85tUhfeTUj4vUIyz3X4tebSVwVNKS-kQ0XrqBBYwoXlCMCPj8BLL64ut-8WBW6EoPJeOGpd8MmH3zlyFSqbfGnjVyi63E2yIOt1_Rj5E7zD_XLkZobT024w9p6dzqCx76dEiF7fp1LCcUn8WH8QGm7FsE1MRg7VBr
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFX4a580j5gXqrfXVwAMqI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AF1F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

43 B
894 B

18ms
18ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjc55C_ATAB&v=APEucNUm0jCmvDj9cctZrlIutssTgtzK7T1XIigWA3v85tUhfeTUj4vUIyz3X4tebSVwVNKS-kQ0XrqBBYwoXlCMCPj8BLL64ut-8WBW6EoPJeOGpd8MmH3zlyFSqbfGnjVyi63E2yIOt1_Rj5E7zD_XLkZobT024w9p6dzqCx76dEiF7fp1LCcUn8WH8QGm7FsE1MRg7VBr
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame AF1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKVD_6TNm2aSk29BrAgdDe8&google_cver=1

43 B
1008 B

17ms
17ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKVD_6TNm2aSk29BrAgdDe8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjc55C_ATAB&v=APEucNUm0jCmvDj9cctZrlIutssTgtzK7T1XIigWA3v85tUhfeTUj4vUIyz3X4tebSVwVNKS-kQ0XrqBBYwoXlCMCPj8BLL64ut-8WBW6EoPJeOGpd8MmH3zlyFSqbfGnjVyi63E2yIOt1_Rj5E7zD_XLkZobT024w9p6dzqCx76dEiF7fp1LCcUn8WH8QGm7FsE1MRg7VBr

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 99a72181-d9a2-4422-a7ba-2514e1e229f3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKVD_6TNm2aSk29BrAgdDe8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AF1F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

170 B
243 B

81ms
80ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bfb6e26e-d2b6-4f06-bd0d-9ac61dd8d839
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F410
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGbrlR8NSN93J60icWBjRow&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGbrlR8NSN93J60icWBjRow&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVBRG8W7mX2xlkcfP3evcO06sE3lQSksaxDAKERaWv-2tqKCffpdHjmj-X6Y0mu5HCotqGHn2NpqKZxajQnDoeq3ejKnedvV_Stx4vkmzXCKopNk6xL8Q7fhs0O_6g5_gVCcLKCmOWpI_JsWPmfFp3xi62etnnjQPtrgmfHgYVff0tK4f9Ll5WAe0s3L5ReK79gSx9H
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGbrlR8NSN93J60icWBjRow&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F410
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

43 B
894 B

13ms
12ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVBRG8W7mX2xlkcfP3evcO06sE3lQSksaxDAKERaWv-2tqKCffpdHjmj-X6Y0mu5HCotqGHn2NpqKZxajQnDoeq3ejKnedvV_Stx4vkmzXCKopNk6xL8Q7fhs0O_6g5_gVCcLKCmOWpI_JsWPmfFp3xi62etnnjQPtrgmfHgYVff0tK4f9Ll5WAe0s3L5ReK79gSx9H
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F410
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

43 B
1008 B

40ms
40ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVBRG8W7mX2xlkcfP3evcO06sE3lQSksaxDAKERaWv-2tqKCffpdHjmj-X6Y0mu5HCotqGHn2NpqKZxajQnDoeq3ejKnedvV_Stx4vkmzXCKopNk6xL8Q7fhs0O_6g5_gVCcLKCmOWpI_JsWPmfFp3xi62etnnjQPtrgmfHgYVff0tK4f9Ll5WAe0s3L5ReK79gSx9H

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: aa6f5755-fec6-4dd5-80a2-903cf0636647
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F410
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

170 B
232 B

49ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 05178e19-da0e-4876-bde7-1943d3a3c0f0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 493A 23 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpSwt2wjRxCPPvgbU2CudTSOAkyEVuxGIMMx6l9fOgeEmPuCXaEbLHaXP1iTrsbm0w_IYzO3xSZRfI0oxw3w0DtCL2VX41kIUWbREGKzt76-JjmpOIq_SVln4qz-E5Hs0KKUX89f82iVUPjSEr0WPRCMgbVA&cry=1&dbm_d=AKAmf-DWUU8OWPUZfk-9RyWv_drpQEM0VSQvPvcLCh4ksFsL7IgOlHcvDBXGeec-Tu1BUbExLWU6nj74We-B9b-YtaekKuYSukUm1s5S3luxZILKu-KynBmFlQQbMBse7sJyZUKBoxcX3jytYRsaQjW--kJeEsbIMPQ2-sLi_AW3QiOxoTEtmD3QB0T0u_0bpJW_hkkxzca22nOCnQx3Rvz9VR49xCfde744sSMD02C0h8eJGJwfe3ORNjfai_jCtkGi7PusRpapCpxGW8zjOi2gBB6W_DRZVONPPdfxriBLTamMnxvMGErEx7AOQKPx-Kff3xunp07oq_mOd_WU1ayoICX7ZnFumFtfUUlyijIMypE0WUlgvhyWJeTRcfS7IDGT9K442cb7lXwzpFkv3MAy5LfViOyRJYofvZ4GaDQUGTdU62jZfkOJyfPpL7cubTnrrN4QP4MvBWkYwuWPZpYerrFUQto-IMsImHBsWHsuSkhXlLjb1Yr6aeTPRfjByPhRlYtQngKL0axHzbFMCX_wgWxLB013CLWJNU8Tw3A3X8KqnlDexrjRAUfcJf2NdrPMZQMtrAv4sQ9EOBw78dcFAVFjBEtPHvTKbQYeShq-x9ooihKuFeTTSfQtnFNa1CC7bSaXqZMfE88Ja7ZirY8QQRO990fnB74OBufdC_BmZ0te4Ah-egIzsRG2g-mXXcNcVUAkgnNK8XEeR6UH12vET3Rlx9LUDIX4P35KTxDSbUQl6FOt2YC6QocqsqgJfOJbK93Hg6NGVWDCiYs9lwse7FFc2SWqJS2XYoTY2PVNzNPDSm1tWDCgyc5brcny85xC00RtKIx0K4b2H-eAhnUmLrBHbGEcMjOTQs-j3JYwD4VW-EHafBpAouZBAh7325N6PKx6_NLJCeTypvBMWduzcdLQgbFEvpu7kii-c3tDM-VeLJtS9zH_Fihn4JipQPhOWssNlpzgN6qpCvLe7AkTmKg5SjzVWQcxgugfaty1K4uvJurXC9BqgF5hFfhl9Xhp1Zp057PoBT829WLzxZ01KgTWCQ3_wDa78dPC7qPc4lOjsUIPjQURS6FtRQ3HKe0KI9Kb6jsecZRNYP49KyL69NnTY2ER9KDnXRXFlL4Nw1musJJShPcJ8RKAAxBouqLWIm_ZSzNYFwS7WEaXFzmK7vlNDTOPwzgmZMhjBbpnrHcSbjSQEMfXTzln-WQggGhEoNt_XMzG3oYlSmddAgQo_AEbldnz3ix2UGta6SmliB4c1Wc40yoXh6hjm4Ht-HDg0P416mSLuWG7rzz-VpnlRgWxw87OiAiMMON5grvgrerwx3OgsJN51lrwi0a8Eu79NONF1cBhRsXF2qyTwZWk7MCpfC9xnhyVxfjxsPQ3vDMz0VTkjlkJGFkNuH9aw5AUedbc8eHyXdQA2bvrP1Gr7eSFGRqt9hF5jKxqN__qBf8lIfqb5aS41ZJO0R55bVsFsZ5Oq-iK_igmWGbjEXOoBFOYXTHnyxaHRamEG9chubAL21DOmIci1De_jQ-ZrlOrhO7e-CO1zYUCIBT9i1vpX9YhI9sqLkEqeLsZlw9oh9181kdnRsNc7Rg-jq9hDsjXIt424Ga_IJYVYHCye8ijGHNPZBAmlq0S_Hsksx7H-jfayDn9AVmKdmwA4U-f_sNm5hxHeHZDj-_6S0JGxn5-d7OCUQsnvX2ai4KxQXrQYF4pithWM7Ck-be9jYu28u07h4iTO3kkmQMRFC9DCd2lSKrqiXlUkYNkYCXdxKn9l_ka6eO7ViN27u2maI4Ik9qtS_Kem-J4wMKCjFDe_FqEisLR-enOBoUmgOYEn5BKpra5h6X6r2J8kXomUXBpz_biQnUmj8LNODrqDrSfuZKZpBGe3wUvUaXkae7R7KVJuMWpYZWfyRZ4ySZLR9kcv1xH5CKjWjeXXmKHpSE7CQplzICPGZDj6azeIng_Wpow5eKky-B2_s2Cb3INSiHD5EU3tVBPIGtgOE0M0H7guIlilXfatYgNSSGfPhf1rjCxRIWDf-xPhr7xDVUMpEdK66uYmF1-fvkUdxr4KKeyD7tgoWrcIT86CxNq90A2Fq4bfNcmUHZaPuplyaakX4pto5y4MogsSqKtatHFg2WNaRHVN1ztPeT3WMyPwyNFniUBB-bPtbJPyHYHqlqlU99QRpWNfaji6QvAyScm21o_HK40lzk-QT6kq0WYGUF_4fF-Bd1MdSM2ea98WTHkbwFGeDrZLoPDqmdrbuHvtXiFTTB5NDoUcy0_zD0YUfR7eife912cRxIoAO3W26UJaRoRUeWkMLCWFUjFaFqdLJzPUFmvGSvt-pSILO1vnBWshvjl4A8jWul5swDrbSj8fP3eZNRsq-0CcDznNkyUP9Vfz0YBVPNX2w8wblUBGja2jdAStqe-a2chy6YQz51jr_cmtX-19LfH1iLD7fxv3sM89oz5S2b43TE7mKtBiI6bAy9WuJkCOebt3mIaLNhVu_M9uN01qmJml7xtrpNSmHN52X6hhe9bnUuPThLOkGjZ2F6w6zUvWRXbE3SuRXfaeEC1jNCk9Rxzp-odXUHNqk36A21wBZrfeuZe7vcaP1Na5vUwbFlPZfpKbfW70CFJmD9Qp9nl3XBI63lXhKbuVkfhI5mIzUL1m2LfLZKUTN7Laiws51aMtK6pQXTMq8bNsw-LPrmbqalZVD-uycHpBePi3j1ZstN34-1OZsoyzBh-9q2qnF9a51IY9zMtWhRJrPSCFoJct-3KRvkRl7MCjs-JQrtqmrdwG180niRocBn1YBUbh51A1f7lbeB98O01Y002GqYGEPPoJoy4j5BiLoT754xt-X-WEnCb3FWY84BDY8Wz1Y6WoCi8he6ulL2-v-ltb_zCOM4oDa_aEITbP-TJ_jTc4Wjp1dWDKhsxYO9FxvuHO-FqR9U1_poCm82YOrOH9c3_OaV0bxr4L3p7naEzbynKOSxzFNHNnrJUNOLsSQKgyiOIc1xRk4dnoO8WiTuf166NJ5tKcRDoKShMnEYWE0TgnxBE4HSBtLIa2zVredGpTk2jNvzQxDy7uvW6lfHs68brpHg7PGKY7mCcY1I1tUBHIfvhFXsWhGiNv4WukqPFIKbtFNiqALxKZJJG6fqA0EmCQKu7U3aDWYjnt_S3z65hIpleAuVJfceOQ74Ib1ssSw9tlrTxwgPv45aGK0S1eXwzz8LlFwEZ&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:40:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 493A 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 2029 169 KB
59 KB 161ms
38ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
Origin: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 11:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jan 2022 11:59:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 2029 8 KB
3 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8pJfkqmi1rNdbQuqwW-W6Ux30MoX0HwUOuBWOBYm1o1OIHT9hbn4eBuRUtQgBCJDaHaRLlALDqk_FiCMUGCX80gBAkfV8LQWdwIIUVSnCdJJ--wHo3rwV7GAkWLjVTZkiF4H3Y83mMugNsMXE6n4646lExA&dbm_d=AKAmf-DHNbZrDYuUhqPfo--o-HbljG8AFwLE3QcdTj0JvZMh38VAqjsNh4gqc0QesPZuaRI1omGR4UpJVIyuzYiB6chlC0-wbPiDQv_5OhGLv-4eOLmSJYPTSBxVdeyeSBZR-VoplG3xctd1fAryNmLfjOeNx8lXEVyN466ieWnMh3UZYX02D0OyFmeRc_m5ceZD2RC3UU4kcdHQAl9v_6oks0ISjwOYnMWjWhIqrJOcW6lc38Fg_yPxIEgqSSz5aRT-8_bZuf8vKQYB23iWtCBSglr_MCu26iiXku5rOq6sYiCMC6dQpruKq3ErOtbHmTi1T23dYT44-7iebRYwh-A2xKRGUPifAsflpTuABnIhXGSFhbEOTTDAv6aAJFYz2SMqy01dqRg4Eg3b7NUSmz8pLNQ0URIpO0CRmh7aJb3Aav9xRziyJLIgru5IsscUibFyViWP7JD4KWcZA2uXkz636TVwp0pc_7G6o9oJ4L3ib8_0FbdUc4DN7TcLlMfcgtUW0SOUh1myMmfvrvBvXr-vPwIkvCEB4iw1x4u8QIsgY6Lr24cpHGZAiThndsR8kCkNT_Dt9qDw1rg6i6UbTcZY-pQ9e8qVTRRPm_hod-3zKmrk--r62mvBJySfgGmszeapRi7yDHl9LcAFAscS4mOFhbEjXmZpDpk1_y1RrKhQ4by5QjG8cSsnzirDF75ZDtO9Z9gKp7HejY-CDIj87DqwdPtTdjJCxM5RETIVi9xIJb9Ly5BmFPTztA6jO0NPROKb3IgUyLykbrPrKNtccfwEJaQEcaqguS0Sg0TPVBaThV14KS85urHtNDEsblkXo6aoa0moCn1HOMjqVv_FtdsJii0i0P7JkoT-IntVgmlU1hpFK7kSWzOj2wkE908F-oyL9Ru5zPOllciKuXdDkxfG3x1GWvzO1OaqVaKRth7XgGrVSy6aiB42QR-y1VSMqOlyCDkwzb2Si48gohCHUvj0lfZ3elfaobATZnyLGS0ru6DYw5rJA-Tf5INPCHdoLC-wnef37TArQdV757s17nMbi9uHRiu3Sthhr1shUFY7WcHok3nsoL9zy9GBaW4r3bohUVsGhIKP0_-LEBq31-_8RBERto6qg5K1Ayg28-umlqvXH2UgCi7fwObHnWBdszUZPZFffW6LJI9KVoL7GJj4qKd8FLiDcOWmdnQa-dFGVqQAv-5o49N_sRTdXB1Tp_sVY2tJscCBzhd_Yqj-iYQZ7EL9Ab3XYG9FDMzAJRgCWSbmHg1vumBNpuALfamu6Ki90NTzjcpVUSbio5cg9BFS5WnFCzUR037pFe2SSN6EfRPt-MByNcqYIRWxnkBIW1FDgJ-on7_ScVUQVZXtdvP8foncU6uZCvFlH2QDTGECdQic_ZWGVtAKbVnQwMWlLGjmYoWYlH8DB8D8kxvhRl7k2bDXbEkkDLndCtZc7I_PiBx3aK_D_67mP3yrrxTRCgq_9uATwwTn918oqaplIuDa0_ysvw9IB2noFC_i39ePJVgXA74fsjUWDprZ3pcE54qmuy24lwdMCei840N_vuAWfV-YPODzCUueK6xxMQU2OHXW_fO8MX7ASOZiNLx3D-UA32wiULB_6hDIoYMY0mYKCjFUvemq5CyCe582xIE7078m9p9UmX7aR8hYJiYOUWjcjNw8hTkITLGIn9tXEt4QQpuGVJb8MySn2ZKOv8DhCBRXpEDwQK4bNacxBKV4pmKN3JKVwMeBvm4tqiAMDEvXKlF17HlXrLyhH1ud_W3K52gMHefUg38VvIxN18AFwJdqTiPTbqXO-vMRquSeOVhHH39biRwKCC7YZ7x93lNFfKC6Nqvd44zZ1xudlYUHxmV7uEBjXt3ddJOVlNgeQxh82vYFtUSelnFXnQ4iFepzI6UJlVwAlono0vEPzD2YHgVSZS3PGqcpZfJHa-rn2QZpaovxd6vDSua6kh587vDUUBpTmgIt7ILjGxR6qBszCTRbaYE8ySs8DSSnpAVf1Jz7r-zw4QU9Rpg00oKUdSj4fJASX6OnxhXJxIsD4PKcO_7Ztofn-DRIpE-038EX3ik7OsVc4h-wq2BSLEqXIekP-7sMZKm7u08QYiPiZ3MEApQxOUESgXT6qlhhs1zvr8yLFHnIzXlATlV25huTBIDRoHZLG6gW5MrSpw697XGyLXhX8MsOvdXg9REC9dymjYwcrxGu460vSJ_IdHXkICt5SwdYJtpx7dsnZAEp5s8XBMjA8QlN9pbEz6jd92j_znxCyT85M6rWNHCw4VN62KiAHZWxEMz1lXRNKrQHxYYGtDf_me17hTLC9lif_0Ci1wE_WfV5deWNVBrKV9FVKUzAQX8ISPlTVYy8Kriza7zMX1jzUU4ffW3yNsIr1gqrM5q_XIHjg1sN8iXtie4BD1BC_bckAoJuhJP78IyB60UMuOspt1SWi2TnsF-xx03cNZhwdlDJtYaf4Rp5Y6sOyKznw0jXB4_sPqvFbEBYfl4BWe6LPO0fI3gbGK2l3TeQgdmA1PYgVtKVWwlAx7dIjOXCC1YhHzuvHCvFg8JOEU7wuw-Bd6tiZ4HVIXra_H9IKMTkNF5Q1KlzflMA25euC-Vxubfa_e0YQqbxJpcis12TD8pK5RfxIn8d9UguJ3_3mwMvmiNfuLOwkgeAhckHy82_Di25eZz79hDqXSt2iVVoaukR9976AJEDqL251EoabHsEdyiS576PG4SffXhFfB5tED8gbzyQCStr003d5sFRjHstCDdvo76ezKtWBYLisAQUoYVDHPTMoUi69WqCf7BZ6r9Ygf8ddZdPaUY-21YPu9ucZZfmWVtpgWTxuwbOoz-IT8SYcEhXINmXYp6fPo8Oh5HrXYRff5Ns-Nanmkl-uB9XVpyS98HSaB5U7xRvUuSt2GYIssh7Vns9RrzdPHg2bM19XqrBiQG9U1cNdYcCzy1AdqyHo2YKJ5aePL9KGf2itFWcpJSuRVTPKhg_EvNf-Lwy2RrQaOEqBm6D4CsNk_cgWH2WI3U4zrdgV1cZPEGlpu_6lJGy71dTnzcgT6wZhlSN7eBxeHitKQORHLoRtxvn9bHXn8eVLt3KytXB8OQetELyz-nn4QKXsaEQ-KOsZCZpDSn9GFaOqurRC7Ft-a_I20dYUtT5&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:39:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 2029 23 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:40:22 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 58C5 23 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3aMyodR22hysZTmGmFj7Otvqj7YrdQxU6fygQ5bA_rYr0VY-9zS6bmkQ61WOeCvpYGvObZkCQMddfFftFMNV-teSTFXmDRbejXSJMLe5HRbYVv_yoR8v5DUwI2k77NM9TRKnQH9k8bg6cvMRhyhtKIzjwyw&cry=1&dbm_d=AKAmf-ANSD-M8pp6Hzs06UXBetNb_BteVC4sQ--xnSEz91odYwSwtHWJBUJNMWLoTsPeHZz4lLGMxqj4u9Wg6ZnWignj2VZPmuL_sqlGLiD9Fi0xh_EvCkgEXLOjenMuShVV0UV5FHEF5UcGx17Nhh-0olJ0EYZtHhElsqcreqatYlY4dvwHaYpJWlyYrpOGe11peBzUa0447Al63-LiTF-YUPFCUkjv9P4JS-kgJfNBTmVZWUkWXScEmiUXU6qo6xJJUthCfIob9mHpOF67dL83tLDjtrJFODFEkTFNksvF1mti4F-R28ppJMmkwRi2Qrt4HhtC0S3fZAsaoBMIWmS4KSmOfwYkxt_kEuvjFuCo1XXUMUo8Zuii6t9V8mpqy0twA5fVyJ10tWRQxtdb5a-TDKl0e2NBSwA7nMRHatXux0KsVHGdoN0u4EMuP6fT2KD7kG-wuOddgY9fnVUSFI0wXPI2gEkHvMYa_9D8y8J6-JqLAEjNNWQRKPjHy80SdipEueI0luScEVAXA846at-uPyCRF6Vvyu_S9RFr2ll12qfrAjc5n56NkK36SUTRhuhpB_i4Nv1urmpdF_77y0yT8o_AUX5XW-xKfr1zR5BOa2M0wLvK3wwppzueI-uNs38reahAzkJWihAqZeLt4gKn0ue1z5JgVJJTq4P3UZpudGIDx4UTMY8Zx8gk1lp982BxPBaU-2p-yoOxhKM8taPgknNzSKyYRdAV3Hx_XLtHZSJ-xJuUE_pbmaZ33EGG6dpPDBebhELc5JmvkGoowTffriFUFNq3bulisnHPqVf5va6MgrgqibW-gMjo-UYrqnXnO0Bdy6rNtbo2VM_uTE5Hd7Hd0eHpw3ejXr_fuMvdM55WHWd54aRvKQeBH7TgluzlhH4ouPQWq5riMdPIQmoX2rEVyWGpQo9iD2zoQQ9TiAaGRB46zvQN3Hd7Vhgh9Ri17zwCDO0WlAILuGAK0wwS4GBcUBhCqFOuMj8ARx921ckB3wxHR46PZWvqtfQJBCHL-uz-XEv2eMkzjK81kQ92Esjkl4RVf-sYd3JP9SVbOl3vHVu7ORwLp_5IExRG_XkDYWrfS60TBV4L04Z2gm0y1UVrCwsxTcieYx8M8nFXI5kV8AuLhg7KI2yN2yaLkQM8rLmicxDZyT6M5udf8dWsYpFQwjJnGFgSQIkVncNIF-WQJYfJ0Ve10EZE33Bi5iL0aC3-3IhIO7Vk6Z1NwDsBLztiWLEuD_L0sHDnM0qocN5vsxzFEyYpHnYywQmDhHo9BaE-oN2Oq8MppXfv2NkM-jn7JPlvwM9S0urucW73lbyBttooG7YLQAZq2eaknTLT4G9CH4QaewtAAs9fcbBpMd9FTCO4f3082l6TvuJdTtr83xuP2RQxM41TDo2k0SMO1QQ9tKLgSIq_mwOHtuSAis1No044ljtUvF0a5scR8BQWrbi0UqGl9zxstvw5p37FuPkCQCbiHIbkrgbdemlpjxpuiPooYSxTGE1VXOFLLR9waRHJNJG6Z7m39XmczhNJmvPhb7dEXm3IXm3urqjvBw2005GAt0D1qaJJ3rVBS4YcPBSvlRVkMLivyETKQeRmLlOfDI1_dRWS3Z6yvnn312N2KF_jaAaAjT3bLo6rz8PXORy7O64QjWWpp5xmR9m1wO2U079X9NH6AAOlEv6PVlwpLWxBco6ROTmZPngDXgwkcYUCdAhhcxT8IXcE81Sv0g476WNtEhvf2ut7Nug0uY4uyRobFzWygXLxqRQiEVlxLp-t9HiH0TcmkIF7FtD2BSrqTzXYMlemfUVj21th072HixKx1-728t065cDP5pl00g6hVmXfwhPq6S4hziIabvYyuqN3Sfw2CcoVXwuz8VGF5TGECINlPeWkcttJk5cgUNNJb95xlQP_9jrL4hVTjfJpQlUlTHvgZ7xPDoFmaJDcF8MP1LgKUR5aCRq4XK2TOEa9Mk0F7vju5-hqubuHuEpHoX7taxpMebp_erR3EtcY1w2rKIAgGFj6IZ_yy_0OL0CMc1M8NJ0LBs4eCIC6njlxAosvyJHHOB2qaOSYedKstqCrLh2M1CTza24jL5cn0BC1W_PEWuNPXNQQq8rvxv_cXgBuMWIPqMmYSHcgx6Esabc9ko5pKTdBPGQYUooayDyeK6qhv5GAac8rmNBh7epGZCoZlFqQi7IuQP408lnG42WC14zj9NqPfKEKWVGYlWVWoZ1UarcK4xMRcP3HRiijhAM0PXXoZGkoNUwLLZZ6lL1JEOTv_S3eQ2dD3qHt2vUqGECI5IMm1JqlWObdnvrpvSSAT3Gk2qQd_KLP1rjaB6XbxBa6FvDs2rnpaEKLsqnEjB4gvG-aZC3EmlGk5rtb4SHVZ1544kjY54Zumg7ovAr56NqNtwf1A16_Y_L21sxXM9pIduD7ifD7lIZlvs0RbhuseNMmv54DYK6jwbwwyt1EJ_DVBVb4CauwAxJ3eCsduu1KqYrcB04PUwGWMmP9h-eKCIHEnLUvjYpT78LAr8DC_5yQB8fCHLG1NFEzpgELsXbBsnMrGQ5bGL-W_HGPeH9wCM2psmJsDwKwd6GwNbMllDOMHcsUcoiW-rErK2ExXbX2PcRSE3UOlyf1Vj9OtCzubw96Y3GMZSkA8haAXi5F4X9k092igYuFzdicAfK_2ZMTaQID2T4OQz7s831vj6xdxq4eBidB1pVw1BwAHLyPqNYYlW6lVQLwW5S3kOAk33fxZZojtmDYVjdgCCQUJXYKaVvQe_pduvJZvkh8Yf4zwacuWSOSrVt6VokuFmzNvAo0Qs4O96i6aLl4joaA-qIkreUGVnWhpQ_b3sodSYK4G5bkVtsxTY0CJdIfPrOiKXSZ9qkPHh2QbTBY_YrTuAXYPy0NZvYSWscQklykec65scOgLXb1U3_3zRYTU4JxMrKhmZq5hePmWY5Lv7GnJsd3jUfJ7VRKQQe2IDuBVBg33uAOOU3bXAdcbaFr_fcoYxfUk3q_W5gcf78mQe2AgNutw9l3-d9CE6u0Fvn832ytmrHW2ZyPh8KroVsIR5Wg1dEnvUI9vXVLb911A-BcAAzE2_qNDl6okmF141PBJMDUO40QiUY7ysueQiWskhEjaOssVNPvtsMy2f52wa-5b1_CAGBBuufquuSWQ8QfnaWPo9aFDc89F3ULh9nmZjY4TjLbqXlUHbq9fNWiV6jReQc8FGD9H91D4F_5gAOWkhvckg&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=2%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:40:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 58C5 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0787
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVXK1ZRIB41UDEk1c4pq_fTL8A_-2QYmiA9BOSUtpPWowMUKTa2k6WIuPPdMnPkZU8h4_glcDYL-uVq9BJ5c4h55q0yQiRjYFv2vi_3OntL5ux7JpxMMWDjHvu0Ud9Uwtys2JahnTssOoZzrrmNEGgpr0mijC1VMY3h6CfnV0IDMDO6oX8ffC1qYugjGdBwh-BErIIN
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0787
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

43 B
894 B

15ms
15ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVXK1ZRIB41UDEk1c4pq_fTL8A_-2QYmiA9BOSUtpPWowMUKTa2k6WIuPPdMnPkZU8h4_glcDYL-uVq9BJ5c4h55q0yQiRjYFv2vi_3OntL5ux7JpxMMWDjHvu0Ud9Uwtys2JahnTssOoZzrrmNEGgpr0mijC1VMY3h6CfnV0IDMDO6oX8ffC1qYugjGdBwh-BErIIN
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0787
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

43 B
1008 B

13ms
13ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVXK1ZRIB41UDEk1c4pq_fTL8A_-2QYmiA9BOSUtpPWowMUKTa2k6WIuPPdMnPkZU8h4_glcDYL-uVq9BJ5c4h55q0yQiRjYFv2vi_3OntL5ux7JpxMMWDjHvu0Ud9Uwtys2JahnTssOoZzrrmNEGgpr0mijC1VMY3h6CfnV0IDMDO6oX8ffC1qYugjGdBwh-BErIIN

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dcb1b966-4a73-452b-8162-a7084c97b3cc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0787
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

170 B
232 B

50ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d3303840-9a80-4fa9-84e2-25a9fddebd63
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 9A12 23 KB
9 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5NI1_I_4-3h7U5rrkVu-3e2F_58jrbh12Rmmuy6QtYuh2Mdcr1LpF3IJ2D5szxfhOKuHOkoZvRL1qvs7kICVFTHmt-9BxR7gnBWRLo6jVw4ySON-JbFOl9nJiXIgw1o5N0-aw5L_EIQxYLEMJ8GwMjhQATw&cry=1&dbm_d=AKAmf-BFVPXn9XgXm_XTH3cG25RSg_S6ZRVbno2rHdVOWInmJkOZbE2-keLe7NUH2EEWRqMvG61qoLeDB71kFLYid4bc4yu-I6khh9gN5Xs2FEH20hP6i0NriTk4WImdobjeI4-RRq7V1F-I8AMfCdS7-gsyvVghcmXpy_q_rmOUYueo6nhJolOH8oLg7swxX4BL7ICKgo8mpuHt-pdY-Z4qd8NJkuVLVy99m8WzPt97gpnH2JAwkoEhIodAUySl7ttdVbVnEu6q02UlVxEkc0xx5EhPYsCpK74kZeBaSBmoYtkJGzbVN5Q8PGsJ7PaOrH5fdybxet3FivRAYreCuRJG3baECUI0w9-J9LLbAIDUwbqC09PZ6AieggPZmYOVK7703CwMyhhJTFFZCNFi6AgqkO0g0jBQ8-t5jBFBZ9Ir901bPGcqGXVwtAwahsQxHO_oc8-A3s2U0GQS_Gqc07AJ0FuoOw5ktZh_WhO9JOxTWSy0U6RWEhn7DPhIKO1YemphlPeoMZwFdcdDRJDKB4Y1BTM0-HFeIa3aDyA3ViM-ilkM_M6ubYMJTv8dHAN_ph37cnm3Vr26wfG5_1_W4UJzjUq2qqCTttAPgGKEeZUQ0s-bE4frX2RqCf_490_9nUXCZk1gGLOnHXzjM7uc6UNRvjTYmwVybzFyPlBwvCutTEYrZExfRWCP-xYBOY7KzYmsiaxPyk69IJHb2Vt2jf9FWcYxEgvyedW9oShEv-v08LDjsXiH-Mpec32JXBPPxH8Z125e9x_RlEzGyeHd-Rqo1aJeM3IDq7kdZpa0gtB320Qbszio36ZLTlPctfexS_Cgmf_h2ZxFU6pvi_OT3lfZ_TRrSDhIEugUNRiyLrzdGigvqS8gRsTKL4uw1_LyQ39MeSroGyB7A--87V_TlR4x7t33GG9W6WAfCS3hP8tEwcCrEFOrJgEKPd8pcRv4-VJg8nDpzORxsREu_Z2FMqO-nJWCxo6VmSeJLFXSDA5ch8TyJ9qp-KOJYQ80YKutbCAmubOVfjF2NJMxbtWj5jeTDG5XgKDaHTP_gLa3AgkButgiZUPmW_XGXYBT1FNC_TFLF0uf8v0sT4mncUYuFFv4Fq6pGyeoStgglpNzdkkASpJx-IpiSExJZnd6DTyh886S6BaSc2PuKu-5YHXbZib8tzaxTkyeD4CYVn9MJoA007GS7Q6oZMLQi61RH9jhOzgArGIh7-caU-42FDVaFQmitkl-GHtlSyFQseuiNfNddmkmh0T3yLh2MDbcsPAaQeCvU9Sxn8l90nA_u0LvI7tUjwXzPx8cm1-jA0OGEtepARRNjH8eb0Xlcoo5wOLJSLUpaMHQnw4QWLNXQPF9RTvipHoHLFPKeyRckkBoklU8NhJ5hkK1--vu0iqGnz-RfPZfaeSSLL2W0FW8Xw8m4dKAuoDZfZvKO1M1axDmUX8uBm3MvgedCd_GPe_ku-hsdqlI9P76gQLwj-rc6FqzKyAQH8AmBj2-BElvG-ToDThK6DWXCLu8IhBJ92aZ-L4AWs_UYC9tkBlQLApnZZI62UW6_glkP-n4xSW6htbFp8CVd4NbKqlCF9kDvG_2bXSm_7L5z4eHwU7QdxA9JkdiLM2uzx_wofRo7kzLBK4IC463yvgXX3UQEV7Bc9JcpwwTA7ZNgjasu9bRRRewPCQNrYmIEiWQPJBCXjcCQcGpNOya3t3lBZEjZM_tS5c60ndMapHVy90kEj0odNZjtCuRv8pP0GGW4u7-bXdOkjR_zLm2FWSlLlHF1NHvBIqcfNHwV04uKJmoCVTvBibj3CgHtCAGdY_qC91W8Flr8uh1FPM4EI4IejyNV-uzHAbR2R_FsyhEF2tcxbqNBbcHvTd9cMD5tKERTs2docAEms6nKtfFmiAB839KrNuL-XP6HdLKVQjyRkr86INlWGq0HZyYixoN4LBK6YdoK5AT53_H4TylgjX3xLOC14zgJpKXcRG-ALsIBDXtkZ8ci8VOkFEm5_em_2te12l-5X7UEEY6pHwTrPnUUOWCu7_6T4DIaRTHP66uZNbDDQh2wK7KexC1CWPSLaZ9ZTDPJfgK9KHNavADJptPi5qz3OwG7QXNbB0IJIgRUAzMkFRuqYw9CfDDJO_xk-xxNH6XiNSRTACj8pLggONi41ixgScNULTFM7sDI-Y2JNcg3kD-4KBFOiBfPwm4427Ra6vAdvwl0Ju1ZzBjeWJSaM-pSAs91ibl2T_Cu93IIU1CJ7klWM-K8M8jg4sD1_W__OdzEvxkTQjWG61Rr0tptFJEXGZFJd5wPDBlcEzJaSTN3alTSzn0Ep9vVMPovXdU27DTh0V4l2NTlCepBDSb_ld8IBC_ufHsNc0PN3U4nsSwWnWAgXL76hYc53xKpX5seihkFnCBK2shfxDQb96_Mpvh32hxldQnCA6ElxawSR-NMtEta8tas65XZOSZqvsRQ4gYK7ysK-M_X_pX4PkthfeAS795wjkbZxs6_zPsSiwyERFy0EJOLGmhB6CSB4xUjJPMrqSrHu1ARSOQjUgaRYcOC6eBjMmF1o8ZOhP3zg-dGiaHmoLYEE-55zbqxh50WqQ7JmI2-WZsW9Ni4DvBTg_tbNYCQd-uTMWG-D6FVp6_j4nLsOaikn-VFsdLwVHKL92jNh9_mkJ7OXBDZg5dmTexiy1UgcPouPhtN31uVENuBV44r4qsTe9T3upkgOOaKfJC0MW-Gwn6MoqvvCfH13NW7Tnqxsjz3nZ_bUgHpScaZfT44a-AIUhPZ-l32QedWdEC7tZ4OK23RocTbu-sGi7OK0gh-XSKklDVmFmiKumY9LWZmQar-YWAU8hoHjyzH7JmOscPmf8wEDVVCwgFxHQpR3euUj1XmGbNXrZFF8xcIyBOJ4grt9QTLVy7nLfwVwnsJI6BsyuVSR7x-1I6BSwya8HO2GnlT2fXiBARk7AtckksDSX7uU2Dy8MOc3NNRpAcFkhtCHK55YgJ88OIb0JnsptTK1l7oMm0C6TrAUbNEeytR4qq-IuD1slUvgub10hCS84ypWMlWyNxKz32VCbawih_1CYhbVOrnIknbXZJDVOBA0K-ZFELDutj6OVuyL4PFWiSomgnlO-xhf7mZZDM84dmNF_6iZtLsJXcps2GmHbpO1Fvwrmjkor9ge_nuXaRaz14a2i6dgh2iviqnipzqIPJ7ZVvY5K-XphEuNQ6eP3j&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:40:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A12 41 KB
15 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 75B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNW5ODc9B76EdEyVE0U8-6171AthR9ksdZ0OPp8yCwW_yrOMbG4bBtSOaCDzxlws9pMFZ0mciWD7vclTIMqbYkxhD9Z3c3fsCkkAjwgQmZvy14LlX7moCGSvRMmlesuTtxTojFPbYLup5W1dmG-p_eUnLkT1P0HzOxU6_JoK4ID70Lny3gPFmQkp7_x63APyf1BVDjyD
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 75B5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

43 B
894 B

16ms
16ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNW5ODc9B76EdEyVE0U8-6171AthR9ksdZ0OPp8yCwW_yrOMbG4bBtSOaCDzxlws9pMFZ0mciWD7vclTIMqbYkxhD9Z3c3fsCkkAjwgQmZvy14LlX7moCGSvRMmlesuTtxTojFPbYLup5W1dmG-p_eUnLkT1P0HzOxU6_JoK4ID70Lny3gPFmQkp7_x63APyf1BVDjyD
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 75B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

43 B
1008 B

290ms
290ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIT3ob0BMAE&v=APEucNW5ODc9B76EdEyVE0U8-6171AthR9ksdZ0OPp8yCwW_yrOMbG4bBtSOaCDzxlws9pMFZ0mciWD7vclTIMqbYkxhD9Z3c3fsCkkAjwgQmZvy14LlX7moCGSvRMmlesuTtxTojFPbYLup5W1dmG-p_eUnLkT1P0HzOxU6_JoK4ID70Lny3gPFmQkp7_x63APyf1BVDjyD

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 66a42dec-cd72-4c0e-b23e-7fe543d36ae3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75B5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

170 B
188 B

78ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c9d3ff76-9a16-4543-8f81-1f3e537e89db
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3913
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNX07ZwM7ILGrcq2XF6iyo5ogPcNpXgQA7XBMZ3apACPJd8W9LxbJw001A9gtCFoQtuKRhT0OBFsrbp8SIOn77Z-bN4_PJQJVK0Z4WfYdiTJyYOmm-9fA8OVxnFzPszTYI-pWvimmE3Qa63UjKjHmXUocYQ3Ev6kZ_-quGdrYR2zEL_ut4hacPQDhOI6aqujZyeEs-YG
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3913
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

43 B
894 B

13ms
13ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNX07ZwM7ILGrcq2XF6iyo5ogPcNpXgQA7XBMZ3apACPJd8W9LxbJw001A9gtCFoQtuKRhT0OBFsrbp8SIOn77Z-bN4_PJQJVK0Z4WfYdiTJyYOmm-9fA8OVxnFzPszTYI-pWvimmE3Qa63UjKjHmXUocYQ3Ev6kZ_-quGdrYR2zEL_ut4hacPQDhOI6aqujZyeEs-YG
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3913
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

43 B
1008 B

16ms
16ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNX07ZwM7ILGrcq2XF6iyo5ogPcNpXgQA7XBMZ3apACPJd8W9LxbJw001A9gtCFoQtuKRhT0OBFsrbp8SIOn77Z-bN4_PJQJVK0Z4WfYdiTJyYOmm-9fA8OVxnFzPszTYI-pWvimmE3Qa63UjKjHmXUocYQ3Ev6kZ_-quGdrYR2zEL_ut4hacPQDhOI6aqujZyeEs-YG

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7dfa5ffa-3edf-4dde-851b-4b5d30f366c5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3913
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

170 B
188 B

96ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f8e264e5-772e-4afd-bbc6-cdbac1dd7c71
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D53B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVUS_EJOH4FfxTEH1hbfciX9SxIOvDvq6ZIwfvSMu9JzAEypIE_7VMSgxlEDBt2AOjy3CSe8rjpt_avdBzmTWBJGDhMvn5XkaeY9pqAdhBtawgrfWDrtAUxKRp2l6qUQzFCxXZs_cbAN1FFImOA2pGkiCmg7YAqh28CnbP11s1Fx7aeQp9OMIPOGbh3379drmE963Lx
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D53B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YffLG-YSYejnhQF1.-.N3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2

43 B
894 B

13ms
12ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVUS_EJOH4FfxTEH1hbfciX9SxIOvDvq6ZIwfvSMu9JzAEypIE_7VMSgxlEDBt2AOjy3CSe8rjpt_avdBzmTWBJGDhMvn5XkaeY9pqAdhBtawgrfWDrtAUxKRp2l6qUQzFCxXZs_cbAN1FFImOA2pGkiCmg7YAqh28CnbP11s1Fx7aeQp9OMIPOGbh3379drmE963Lx
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 11:42:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELesOzcuDtwkiys9JVovx7k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D53B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

43 B
1008 B

39ms
39ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_IGqXTAB&v=APEucNVUS_EJOH4FfxTEH1hbfciX9SxIOvDvq6ZIwfvSMu9JzAEypIE_7VMSgxlEDBt2AOjy3CSe8rjpt_avdBzmTWBJGDhMvn5XkaeY9pqAdhBtawgrfWDrtAUxKRp2l6qUQzFCxXZs_cbAN1FFImOA2pGkiCmg7YAqh28CnbP11s1Fx7aeQp9OMIPOGbh3379drmE963Lx

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 93762b00-2411-471b-8c2b-a10503b95940
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK8vnu_fdQxbkvobyC9Wpvc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D53B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

170 B
188 B

99ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 72eff7b9-5f7d-4743-b9e6-ec048d0a0897
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQwMDQ3MzAyNzAzNjYxOTcxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 2E7D 23 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJQfkKbC6Gqv5n_wRWnb97pa-Z2gR40_YQKTcZmOiCRfOCNsm-923hHNtUQWU47u6_wKdisWlRZdKh9Ig6aViJZTZi2bml-3drbdKOSbSSIrr8f-1CF1xJtQLIb7Wx98sso8le0El5nKx8nYK-Dl92f4mnIw&cry=1&dbm_d=AKAmf-DoivGqJgkT9Xf87lHTcJoxKxn2O-bUELHw5Hk8JCTY3ssmAwglyXED5SvL3T6f4npETsBi7MXegAIv-EXZ8avpfLHDg8mjpxCx78pJ3wGWbvOmMF1GkHcXLf6hVqBQhBsar6gcnej_pH0h4SZI4Z6_tfy3fmwa2KsufRp8kVM0dtQrfmISZ9IVNeNb4-fyvHKCab49cc4yY0xoIA11vyURIspY86gqYL5hyiVRAvwSsb0laQFMC9oEs_ReMhnTj7PHuN_BcUFNjyvoWBTDpZ7JMGXESNjgwVWFd5gUJ0CFQ2QEbCRRifHtJk-D9mEGfmHA6vr9vUT4Y6_WRRn3RkjtNkyuiYGHrNM63XuXOB4vMgZsTTH6ZDWdMwdJM9QVGpTfXMt1_n5iqfk4lHHSmXCe4yJYkLtxoYBw7FDmXByh8qyiHjd7pBZC20u3MY9z569LliACWAZF_WoyLTWyAe-6i8zdYEcDyoyNZVozxI2sSMgM46lO4T7Upnjyz3ayh47PcUixEMn7xuZSjOk-qA_UajF3n_edeqPvufIZv-nVg8SIi7G9cTg_02OahsebykxH-Pf6zjk5tbV1vKxve75GGzUhXjkMZZxyGYwoFcPkApkGSNiaAfX6WUEWK6PrW8tmCjmloSOLSxKT-TMwYr465z1ot0ULWylZnIeSp6BjLQ8ipP8f_63aOCT-_TwHgx_dh9UcEmlnIKQPbPVnVJd7AJtSRMxGstyHygKNWl1Ltm7CeyMbuUQetJXzC-BtLmiAh2ncC6UzB4Ah3GToOiMt9mRO_OjW4VF6xuesqT6dr62qYVUnwnsAheZXG7GAGU53u6D2557ifb0U2wv9hlODsT86UCQYnSkc_lffscEc8qdruWPISsnr36ji5U-s-WR_QJYvZ1SJpK_ns1bq3n1ad6hL-Ls85U6xO5K9yoDY-xRN0QJ6-qO1p20KWQ-nuA1KOt_TH_3MTAQcga8pKWq4GwncO-6rhTbZLVySMruHp8PwIrbN3FuG0-HdzHNTOYhT-su7sehKqAGbUXFMGUkdK5s8LpDI1EXb2RY1_SOxl_9D_Kr7B902qr6KnmWkesnNCF4Wp2V5X9jiaUSSmhFJNnnjqAnFNXrtCf9FHPLqU-KblPMOF3iazq29CZ-kMAo-Ys3Mt4IIHOiN_F8SQhOatpjudzND_ymgCJlhVm7QF2JUFuBGLt5rE9OqwzRP1nS7y2467JyoKMjbTXn5g35Ncu4AxjGoDqygVeBClXNZcButix3hxDrJWpsEtXTBm7Pzf0h3V75B6YPV0tGqtMyxHf69dx6dIgZKu9oA_8Fz11MrCujMQnlqHswGTUihTuE7NGWelFImIjyIyZjzQUAxY0D0qslLQEqmZdRU_OB4yXbH3nTQwpGFDIEPtUBz_R-z34rKedqZ6kzOCBcLOxg91tJ9oYBK9VOTfaiu7vZ6jrRdNNCZ2dn5O7fm6wvASzPaJBcvevEwFISdavtx1lD78S8eXx8lkfTrBDedPgFp8qyTvdeCydTDbKQR8AylEIsAiiSakgS0qKfVrOilwv5vAIomcQ3baAPd4PCqzNCGsonBc1AqGJjYaPMAshJ-0A013PKNgBPaaCrfOv5gmeKjRsFD1YOOJSf0z9c5pMYKS19ERCHdYwKHIMbATBWLf7L6TEHiBe2AjRAsEL3w1ter4h2jlU7uGDSnG9k3IzBJOFH9oxmerRmPIWU7L2wYPD-epDkC3TbxREA9G7ngCXQkQszI9tlfNLW6XtzMqp8LQEztxRQJZ90f5tpHw-ZNhOEosm274t62IAhdwAaq3ld00D0FF0vjoLbP3q1BpCgbaOGv_zcA11g0EyPkp-FF5ONBpZjKL9h7HvaKxLD6twXcrz-zIm1CpzGTVoY4A7HXd-PZFmkoXdGUH2Rc4tDHXCK5RRwFVU-qFt3UO5n-OzxWh21JY5tr7mJWOOrjDjcmzsrAbrLN8SAn-6QB2GSjYX33z4dC9U9VTV1KAehznmf7GGkMOLmZvHxcFMaDDniNJu7tyYI9ev0E_zLUAbqF1Ozs92eA8DLmC_zfp4yZFDlTZ1b37KaCii-C9nOTrDE_GPkrhWYTSOKUiNngTkBOlaRWziRlIKqTfuTIoh2Y_Ug16ZO-3MlYXeDPxR7SKF9uLBKuTw0j4ZwBaY1YwUQ1CYzIIzsbV85jOW3tBTBBqHHJIQf4YKAQClu-sQiEK7rYnppcdGkqHIre3gR_zAZtxZwRelAqd3B-0dkvpr9lRpNAs8BSv-fW6jYiidtxVj7kNdNtUcQIYc1EmShcBBU7hiWcU4InzGeNHtBVJ4ZUbVUJa43Gd5cJ8gtOFLsG5dDzuwKjeFGjYvcEV-uT0LzgqZYNWbE67eQj0ww3T8tCqI_jsZgBc1ZTzn7G0IqEdXADrOtxCz58QuuOH0BsPVgCA7nN4voNeKQkvdH_4B7-7XLZYeiczvuZiWld0HcBvmFh_1LADXdo81RzUcDEl94PvyR0z0eHZqQG7dZAXP2rOMDG-jH_OQjcupId6tfOYM37whk3M96LjBcVjcrb91NRyVFyhIdbvi-kLGYhRla9aSgBw1VIEEqjBP2g2SyHfQf2flWujaWMkiVviWOL49VwUl6-ngiYEGE2VULN4Erb0LUuaZaEd6q2fc5w0qccYlHS28ehAUOgVBiMklkKj9xXfPmhcPuGkCmRUdF6YEO7Y8THNm20L2iyaiGNNQNXK1T9RIiQvjINdMu2N-q5um8MRND0B7r___BfrSbEEvYn3382x3NYQ_7n1plPMMJUo7_dJZkch4ORb4fSv2proaRwhOJzywYPGHcSZLpVrJXB4R1VUgAjcgho4UGh183z9GwRTMB93B4zzqEc2mWTq72kgWrCbWzrYLNZrk1qHWNCqhwxhZZcKgZmeYEXf0_HJlq64ube3a6v61qweeRnu4Alu32OHzdtJ4WaZTY-LF518WtOS9ymnx72mQ3-hivQCrbsnOs_z03dMRMHP792l9xN1fRH3p1-xauHa2AjSS3ObDWvYQ22F9l3dC8Fyzku7qe8dkC2EbdXrbRSKd5j1RWO28Wiyesjv0x7cl07NcRNGMA1wm9Zr2gBVUbBxytZQbxA9VWpE73CL7gEwvjADdCNJXVMSaqQhKtNsUz_QeWJP5exCPmDDfUt5HZG1mxSOfhGFRW64SMKlavwJLkFCaO4YCrqV2Vb&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:40:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2E7D 41 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 2AF7 169 KB
59 KB 185ms
80ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
Origin: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 11:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jan 2022 11:59:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 2AF7 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUzLLW5M5KfrUo2NT5FgaclSscjUK6GD284VUofljiRCvAZpGGjeNCuiDQRb5aP3yIU1XdnPufwIlrRw3LkSdFXpmhe-Fm-UvXMFoSQXqVAwbnDm4qeobIJ8gV022XdGry48U3zzTSy00tYyvcfG48RQeZLA&dbm_d=AKAmf-BpsPaieFYM2TJCEnQ6Fv9tjzKy242frGlayn2um6TAKQlxsp8_24uVKoQLcV2Lo3pwPWacEw_4NyJhY3v8e230m9BlMnTd8_NPs1z1uovBJQden7BoN5HdftXRqmFixMZtF8ZNot2uWvSU7ri3dDw75pC29vPcONkYrv89J84YCU_Js6QpmGZpazOU1XJDS7sp8_wpQjpqTEZu2WplMv8XCQl1gnzC_JbjVrDuz4w6tdFbGt3wjwBKBj6HJgeDR6q3pSLV556lmTeMoqobiMwz2Uj5ikwHDlHLKvtdRwniooOKH4rwVhZIxgcqXLR1s0-FsI41B49GVQfg1-UH1eXQZ4T2VHhD_kO-25wvnitLn_ZfItl7A3kcmXDwT91Qfn-TZtUzOzip1gCR0esviAOJRcmyBJ86YtVHt3HC5LGZyqbfYt5bd6u1hRir6JoG2RN8_XV82yMnrCFyn9erRKOa-P6RgcfLSjzUw7KichVe8DW5P-NqhZT704ktpC_GyLVGp06MJ7etPAOE6cEtPJoB5gtFKVYr9YGEIMcceMfJ4fVMAR-H2-DXrMG54IotOMYXeKiKZR_g72CTu6DCmGVyBaXTbEMmidB4OIXKLVoeLEgEkVv8qzF9o8ypNzCScx3Jo--Awc6fCNZ503tG3X1zUMDo2VoCdRMBYMSD2WbRQzo9wgRh_7A9ARTZsmUnMC-XXNDi_xiexS2Dwc8FjcveY5Yq-7Uk9PqzdMS0LavzVFVegXU5qO3D-pRYPC48M_xpAelEKdTX8pyGdZyWa5WVpNjfzzRRvczNjaD1XcxEXBAzvCL9L18_d1-PBC9_7HBB1nShQS_0UmY33baXCdqb3h_6DByE4bRN0kOypimYTjdUdcifBTuW1DyrDjAVvcVCnujTCmijx29ASBScNESE2c0Ur9yBGRJ75zY_8lXSGdiaGZOU2JXrfvVkvFXfPWtnWjDOIQUJ2LZiQVZJO7TXpIJse95OAtVktpJHO3txZYELP1Rb58Z0Ps9V9bpXkVr1yvJDrFhJ2QdplwTJ0zD17yXr9PfVAqTWvT4VwA_s4YY2PnsecaYeufzf-Mrzqd9Wt7PBijXNJ_w9-1dqcZueuit_8M8pa0-43wd9JilkR9POX0rDGHr3zyBAVD41GNUNEeepdCtoc6LmYNCC-oc3t23AvQlLq1tYTxKOWdBspUWqTyZ9W43sORQ6MtW3R24bWOrgZWn4z04fPM7dYunl9taBAVMqcBU1icRMRtGLiTtZeDwGe6-Pw7i1BIQ23FKbPEOwlEoTPUYz2Ei0AjqshGrcQ7wLBO7S7kK8Pv1Vwo6SsXJ7Byjpw5dBTuzPL-pVqQ05UXhtCtb-g6uiEtyDe9JmRgNI0YbCCHFOA0UdD0Jxhup9JUV4AF5iIiHlkOBIkJoJhtmoNzf4rf_26Bpg04nwoPXQmyvuW8ejzPgMGSp9eKmfv_nAR8leQc72dpbA2_icPLs8YjsWzIWPrqmlvdNs3Zi1KvLhHfVWNUR9jLnWGMEYJEJFMCej-5u2wFcbOpYt_VyY-9Q9K8JIy5qZimeCpApF1fvT3b1gc_LxBRAiBjhgabk-7MZswcsyTln2h-V70_sCuJNaayE-_rEUas21mf3r9VUvvx1yNmz5efrEcNdcHkii7Cdp8JDK2Z4tB2ol3ifJiXzZ9dG_52M8gKH_7aNd2s5YL0P7mTcSPt0S9oKRiL6w9jhZCl7WhxGPd1S89b29tvzXdclltfQXnt6zc1U8qrofif38nnhclZwhSW3fM-h9znwZGBndmW064BT5lcO3QqS-MJli13fC37OKyams4EbSbJwly3N-lZPvX59SvPt2zHzRG7GN1SdCdKuwx-Xl-af8z03y3SwAfnGoQUKC3_yz_mtsU0IvSeGsZaONRHiP9gcUQhp1Z8OsbVB_a0E5-eO8TRvz3ojoDKztlxRlQSaW5sZl4604jRqq2DWluN0J8nrslUo5fs6esp_1-_8rMbaJ7D6RWpQwd1VtT7t6UiEAuLDjjrUdu-DZnSbpp-4Z19jRjA8asDNbEbeUqqvlDx0NIeJLEe_xNGERvSrMZhpzyip_dLrM2sLDS0dbicz5LXY2Bva_W8bdDt0dj7kZu0IDIVZhd1MkXztWiecoYGC6m4nRwOQJ50Z4l7b7sOlrkkTS3PW6VhFVdwYPKZF7WeXvB6Z4sGfy42vdpw9F6J4P_O8VVBq5Q8qPxo91TeR9GHE0XEELPEaabq89lXFe8L_hOIJL-mwbQuxxCR8kt-ItiYJMqzTCPRwmHqMeW0XVTQSajP-bLfnVeb-FR2muysK0uTKFSLFfOCT-Dyj-aZUAaBZjSA4mFtVCvSY7HGcvZ3VSIow4TyZwEoNI_0lNkNS5H8oJhtsL6uwR-M7Qix9n4cADvhscJQWbn2Vk8FkGto9zi9w9h9-CDjCZzpQKdnC78uyZp1nihn7PqDsfgG_9O8-kaIvIPr6ADPz9DyVNrTfVEmMEyAZkYZAZRkhZpJHRcf3IoFyT1WkA68XeZpeCpCkS3GpA1RQBzKqK0jWFZ2XbGm8JG1LFxsBwsakVHIkScOt1zLiKhbeg1xXD6dUZWd6SFeVWm5PudeSYjVdPrecoW4EsSKklGJNqDTSXN-CJEFWjcqnYsZkweF6H6-Kn01yNMuUlMlVSA4PKKB_2rUw6YtEfVg6DRZvAvRkclTMev3EBZ1hB0_ZUHLcbcCykrF3Imy_R8aBJSf6_9Bc7cRaSCRtX5izwRYS5HvoALI3mQ0dy99sRehZul36VBQxLPRtjJUWj0LxlqB8eGyMaQljcz4NZSwlHnb6Q8QPcpsfojPx26aFyEdvAcgqErFYQxedhfLC97OrzH4mQf1zAZ1OeaXp7yYv8_0I4x3f_-eGCzwVfBJshMC8GjrF0x9Duq5SSzZo5ITuQVWcwumtdJeeLbOIKYl62gj-rKitMXiN0UMV7_y6mTJoAfLUiyoJ5Jqih7Mr1s0cbVFSyN8ak75O8h1AZ9COMgMNLtFpCdknegRE6w-TlRilRzY4Bra-0nXE2mWCD69A96j1SsyKG1e8_EVsPO9P7I8C7zfoHj_RfE7hNKFBARJWPzi6Md4dM1T-D7u6ijrevj9gXBoMPrhoTjYF0XlcNhsoR77xDY1QC5kEMXsodIzmu0A&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&rfl=1%2Chttps%253A%252F%252Fid.tellows.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:39:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 2AF7 23 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 11:40:22 GMT

GET
H/1.1 200
OK kumirww3i0oj Show response
hal9000.redintelligence.net/zone/ Frame 493A 11 KB
4 KB 43ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kumirww3i0oj?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG71tGcv3YaGFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9D_hotNc96XwaOkpRhnc0mPWrhLY90NxFIHHW2T4i6yxaChaXb0Hhpe2RoEW36kozZbRBTCbvXWJ_iSAkBBMAEbpPRS50HscUfXSIcqAbbOTO9NcFEQM1IcOjh362CxSzwke7c6SyeqisawDqpFrU-7jF0WOsBpqoPE_yN5XPdprc4J78QxsvIYPErA_nGonA9oHUhJ1sLjSXGvXo9HnRaEItB8AyGlrxwS3PIXrJSBIM6UsIE9G8_M0apD4bjBhnlgvg314jb_MT8lled8B1fhNaE57kFU1cidUFSrPQH4eaYNRtYKwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2pIcMPgi_G2P27LvXxGqZmsfgc8Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-BACFFGu0M0P7NnGG-Vblr_0hutmyOVA16ztR75SM1zZ5mT6T7bUo9xv5pkRf5M5zXHYpxQ_pXJmtmW09DGDY2XgVosjo_lC4HdZ3AJJR6L1_drvdpZYBaAAkq1dgFUEbdUv6Lbi7dFgcdUKtS42TrKn5qEgw%26cry%3D1%26dbm_d%3DAKAmf-AAvlRRSlWlkhDlZ3abwDzm9KzA5dDRIR2SPQNB9mopcZPlnYP1ghw2HXb9cwPqizx4q-H5uUA26XynNbzmfB0hNbkdaHOqnpLrbLgdByyd_jOgL-Chq0IqiF-YS75FAucPHQfWOw0UfzD5LqNa5KrfH54Ht-mpKns6rhM9T3plltPej7yGH_y7IkBLPqiZ_qLzowgR7HfOKvubDo_rfI0vF_Zu6oTY5C3q4gKyhtATdCO_Wq-7HEclDNeff1EcOUlJ2YZM-JytyUDmMg82rikhC3N5slG3sudjfIGdjej1CbhZSjUfe0rDoMR6EXemW0MKNfz7v26-RbOMKOOj6SFd7Rcm3Ke60615mfgFFg3OuNPdLuCOA_RSNH-gk-EfqeQTUMpgI-9L6selBF_19_7JogJFCWRltcVkeHBn7ZgRtjF0_DplcIT-suPE-oTKNbwWjcij%26adurl%3D
Requested by: Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 664f0fbaeda8912b26592fca43a9c0170776af815af58503630bcef13950abda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3922
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F462 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 151825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK hjtkt1t9m63l Show response
hal9000.redintelligence.net/zone/ Frame 58C5 11 KB
4 KB 35ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoLqGcv3YaKFOZeSrAT54Z34Do_g-IZT9aiLpMoM8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOgBT9D8UKqrPP5XWuWLiVWsEOxFOnZCkVMQjnIQsV00jBs5NcEEcVxbRJAhYOZm8PnKndA9U1g9Z_ZrlSdbn03G1bGme09eWLISErxLjzfgc5hNA7x0S9uBfmEPzi1HggwKjYj_pvRiBLIB3l5RsWq7A5Zgktd3i3OKkdFe3RILoCOHvN11Pkn4VB79hWLS9gzzpfXf28VcjJDIirt9batgZdS_nDz0tnWO5DqYSSHGBNF82RgAJKW5kfEvtipjPEcTwezVpEvbC2kfkWmlS2rMtlnD2p5gx5DzXuVfEIS2zdyQ-s-gkHYYysAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2T6TinlPfGX7K1pm5n4gb6oi42HA%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-ABL3M9EUEYCuQcCVODwtpqQaDzWMKxTHvfZuoB-qCXQC5dVlTvjZNzxcyiv5fqWhbtPD0Zpa1DJ0zaQ6WO6CzEK1eSsUE8WIFenFzgSIvWlsIhLPVfBsv0i-7PRSOZFNt8Iw_pKhfxuHRYGtNdCbmJ0yOqBw%26cry%3D1%26dbm_d%3DAKAmf-BKLrf_aSEBenozkem_ZlPC7ae0CWH_KEKK2ZMm6DWTa79uPXGJ-bEMS2TxVJo_pMrFzg1-M8RjbCo1dFHIhQFmq4Kpr_hoLryg7j66KFXIrzJ32l209tdkDU5SRgbEKqKBAtzlnedLgkgMLWh6fYf5T8ypRwVzHsBPNYpnvbO5aSrsr0M81PhBahe2J2CArVQQ69-JRlARylJBpn3uQFkvzwzmbq_d-UokWpBYVxCgfoY20iztPcX0r3ROLfyfCxom_LE8Ow9nfOHJHYZlc2EjrG5cYK_c8NPz4KUF_Jl6L1ee-FoEq2fao1rSnIQAo15ekA-IUR5GiYSCpy0BBBA95iFXldv-0n3stWxwlI5CcRkDahjUnjR-SNBTvgSj6R1BwldmzlKmnEg7cAGjV-SI780l2NQzS-ZuMhoKcelQ0mIDkLYr1ECfuEqHpenjupc7jYVX%26adurl%3D
Requested by: Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 932413d92c4e75883ecd64c99b9d7595dbd355c391a1da81dadecf14f8c9d2a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3918
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2029 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
DATA 200
OK truncated
/ Frame 2029 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e5e6e88ff0640998ccd2237c5f38cf2f4895363dbde40163ed8b7e110732dde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6424 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 151825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK kumirww3i0oj Show response
hal9000.redintelligence.net/zone/ Frame 9A12 11 KB
4 KB 35ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kumirww3i0oj?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSacGcv3YZ-FOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9DVkjRlEbxY0T4GhY7vMMsxJ6kybcUzVlwd6U6zAfIXWBuGoKptAmsPuvQZ6-9Sr3FBdHHngpsitjG0kGr3PhuceLUVLtFincxN_YYfu7cocnOb4hlgPF2ZTni80AP2O0ZOBYcQoglvXcOtneBZ0L7AMj6uyv1_PkOT0WGu6nIcSO_1SEDHf3rApt9PsIT50xl5km3iq0BRfDTN5oio23onz2PvEiDFPiaxURIS6c7faVAi4jPGnZzyqnZeI_E_vBgpJr5LYauvSzwj7eZ7CjZH37ZgYBSeWyirZ4ROBP7bxvxyHkoOwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1nPN6cw15HDAcePl9Tz_nAn6gq6Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C_LTovQa2f3FreCdgte08cikNStk88jQkymTDAYhRTrqcgFR8p-IhNrv-Izqeo9MDfa3-Wn4UrA0TnGfZ5mCpArLhR-CNAIVbzH2ofZy6TE9dx5HvNOznG8TiW14F9yoWjys_npimbhe4f-ESmVGkA1viQNQ%26cry%3D1%26dbm_d%3DAKAmf-CKrdOsjj9O721lM-a_JE0Q3rdyVy3djIUICk5W6Vb3n9uFdKbNVVqV7kR938wStS5MtF7wvqaE2bbl0opExNQdpjfNqbQ9bCD5olP3PsX6qLOz8tq4fbU2B5zDwi6xSmbojhmT3OphtQSOVPOtCRgf2CJ2i5yzd686gfrxadxLZ4Yd0Et-KLBiMr2-jMQ3o0wze5cmMGbd4Plu7OKoeT9c-F3EsFJLF8orGEDOCuYwSbzzvJPV5jSO6Y3W17XdzsbSwdpej94OSXlb7m_BedHul20WQyx2aZm4eZg67xQ2QxTtLNsxuTmzgNV-cKCNaRlzRp2NqS1J5WkHy3GXtl4kXmb3O60Xb7kKOmzF5fp_PwLwXMOOkMT8jAlwnKsIBuVFF-gJd1hlA8Sef-wRGmiGNakSSWndHk_k1-YAHNW9hyEKbjVePcWYJUuB9jPPvlsx1VYK%26adurl%3D
Requested by: Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8147364b61e561dd883dc4960fa6a6492aa64e8473b6448c548f5f2b5649ba05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3921
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 142B 22 KB
8 KB 42ms
42ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 151825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1524 22 KB
8 KB 42ms
42ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 151825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK kumirww3i0oj Show response
hal9000.redintelligence.net/zone/ Frame 2E7D 11 KB
4 KB 35ms
13ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kumirww3i0oj?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAKT2Gcv3YaCFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9CCkATrBvwTdf0e-uNVyG31GcGeSyvulZYa8nWMV2YoSu--uucAO9CSIm1aA6NSo2HlkJOH0bg6O7gdoDNL4ugHIEbqAoDWqu-0GKoVdqRuW1sVvyFqyjDcCVepNCh5ESL1AdY2ENPZcSmZku8VAlq1oOn7WZ6y4Eulm6rEHrD_OYkWPmNBp8XmrZJEGc3tPu0EbXZJpjLLjjujAF35rFexyufpM7r_tw7NBdfvIKC64NHv6w1ZrGXKCLuB-JuHC8l3gZC87aNTBLWK1aY-wZzpQOeHrkLa-NQPI_crhCCuKI0ZydP9wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1mfr9bOQHuxRFhl83miuE-_TyWTQ%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C777KbGzKFxxtPfseoP4BWXz5YKA9cc1T9_NCTwlq7rpkSxBgy2vfcgFXQgey5662IA4BooAM061usEeDhisyCnlNeoXRVwiWxtdgG0qcW04KgR_6R1k6n6YTjwbLYWrq_TtbmtOvI9hZ55IoPpEVUDGTckQ%26cry%3D1%26dbm_d%3DAKAmf-BnkPHvz5tG55PzAxyc-QuZuaXH2Jj-GqnUpNKeOLlSa1vGkEBXmy6lxCuMgRnGwkhiQF2woxF12INKaY9A6lISiVOBmFPMfpoqSwL_6A2Y95AVH10H48JII0U_zeho35uOUPpYAAQ9-ss3Q9b7Dw5QYNYUoc1MFNenLArl42d8_VOxNLSIL8OholXYMprfqOlRHsdWHhiQOGfCEBPQInhv8X7_sg1xPD-VUpLR8l9OF5r53ZQLZ_WsgqCWxTSDsjLBd_rrhPh2dwE3M23Y_DLk55_GtJ-4J5mScwOPIxb8s__LhrxXQBUD3upRqqZ-wfMWLCLJ-zbO0H3yVO0B35xpgIUbc1rJbM2i9O8HSqw1E1KVQ8mYn8PDAtRc-s-19DQ91Fh8h8dqj8B0IzFDDWz_eQTPgqTHHQk5wXywLRwdqTsl33NfiQddC50zO3-1Wg8a9gTn%26adurl%3D
Requested by: Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5543c0b4c7762e95f78cd2a8c967906d7cfdc1244e056c894f414128ba0de574

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3924
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2AF7 41 KB
15 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame 493A
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=0904fb4e9c&subid=&uid=2680cf8a7737b595&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=0904fb4e9c&subid=&uid=2680cf8a7737b595&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

103ms
81ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=0904fb4e9c&subid=&uid=2680cf8a7737b595&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG71tGcv3YaGFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9D_hotNc96XwaOkpRhnc0mPWrhLY90NxFIHHW2T4i6yxaChaXb0Hhpe2RoEW36kozZbRBTCbvXWJ_iSAkBBMAEbpPRS50HscUfXSIcqAbbOTO9NcFEQM1IcOjh362CxSzwke7c6SyeqisawDqpFrU-7jF0WOsBpqoPE_yN5XPdprc4J78QxsvIYPErA_nGonA9oHUhJ1sLjSXGvXo9HnRaEItB8AyGlrxwS3PIXrJSBIM6UsIE9G8_M0apD4bjBhnlgvg314jb_MT8lled8B1fhNaE57kFU1cidUFSrPQH4eaYNRtYKwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2pIcMPgi_G2P27LvXxGqZmsfgc8Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-BACFFGu0M0P7NnGG-Vblr_0hutmyOVA16ztR75SM1zZ5mT6T7bUo9xv5pkRf5M5zXHYpxQ_pXJmtmW09DGDY2XgVosjo_lC4HdZ3AJJR6L1_drvdpZYBaAAkq1dgFUEbdUv6Lbi7dFgcdUKtS42TrKn5qEgw%26cry%3D1%26dbm_d%3DAKAmf-AAvlRRSlWlkhDlZ3abwDzm9KzA5dDRIR2SPQNB9mopcZPlnYP1ghw2HXb9cwPqizx4q-H5uUA26XynNbzmfB0hNbkdaHOqnpLrbLgdByyd_jOgL-Chq0IqiF-YS75FAucPHQfWOw0UfzD5LqNa5KrfH54Ht-mpKns6rhM9T3plltPej7yGH_y7IkBLPqiZ_qLzowgR7HfOKvubDo_rfI0vF_Zu6oTY5C3q4gKyhtATdCO_Wq-7HEclDNeff1EcOUlJ2YZM-JytyUDmMg82rikhC3N5slG3sudjfIGdjej1CbhZSjUfe0rDoMR6EXemW0MKNfz7v26-RbOMKOOj6SFd7Rcm3Ke60615mfgFFg3OuNPdLuCOA_RSNH-gk-EfqeQTUMpgI-9L6selBF_19_7JogJFCWRltcVkeHBn7ZgRtjF0_DplcIT-suPE-oTKNbwWjcij%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=7650178681431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e4cd53f5c355c820d821ca39cffaeb101ed8d821a50deb0ee641a50afe5f354d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 25704100131039600757617011856021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 956
Expires: Mon, 31 Jan 2022 11:42:19 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=0904fb4e9c&subid=&uid=2680cf8a7737b595&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG71tGcv3YaGFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9D_hotNc96XwaOkpRhnc0mPWrhLY90NxFIHHW2T4i6yxaChaXb0Hhpe2RoEW36kozZbRBTCbvXWJ_iSAkBBMAEbpPRS50HscUfXSIcqAbbOTO9NcFEQM1IcOjh362CxSzwke7c6SyeqisawDqpFrU-7jF0WOsBpqoPE_yN5XPdprc4J78QxsvIYPErA_nGonA9oHUhJ1sLjSXGvXo9HnRaEItB8AyGlrxwS3PIXrJSBIM6UsIE9G8_M0apD4bjBhnlgvg314jb_MT8lled8B1fhNaE57kFU1cidUFSrPQH4eaYNRtYKwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2pIcMPgi_G2P27LvXxGqZmsfgc8Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-BACFFGu0M0P7NnGG-Vblr_0hutmyOVA16ztR75SM1zZ5mT6T7bUo9xv5pkRf5M5zXHYpxQ_pXJmtmW09DGDY2XgVosjo_lC4HdZ3AJJR6L1_drvdpZYBaAAkq1dgFUEbdUv6Lbi7dFgcdUKtS42TrKn5qEgw%26cry%3D1%26dbm_d%3DAKAmf-AAvlRRSlWlkhDlZ3abwDzm9KzA5dDRIR2SPQNB9mopcZPlnYP1ghw2HXb9cwPqizx4q-H5uUA26XynNbzmfB0hNbkdaHOqnpLrbLgdByyd_jOgL-Chq0IqiF-YS75FAucPHQfWOw0UfzD5LqNa5KrfH54Ht-mpKns6rhM9T3plltPej7yGH_y7IkBLPqiZ_qLzowgR7HfOKvubDo_rfI0vF_Zu6oTY5C3q4gKyhtATdCO_Wq-7HEclDNeff1EcOUlJ2YZM-JytyUDmMg82rikhC3N5slG3sudjfIGdjej1CbhZSjUfe0rDoMR6EXemW0MKNfz7v26-RbOMKOOj6SFd7Rcm3Ke60615mfgFFg3OuNPdLuCOA_RSNH-gk-EfqeQTUMpgI-9L6selBF_19_7JogJFCWRltcVkeHBn7ZgRtjF0_DplcIT-suPE-oTKNbwWjcij%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=7650178681431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 31 Jan 2022 11:42:19 +0100

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame 58C5
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1b0f2e76a3&subid=&uid=e1218a112e404746&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1b0f2e76a3&subid=&uid=e1218a112e404746&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

103ms
81ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1b0f2e76a3&subid=&uid=e1218a112e404746&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoLqGcv3YaKFOZeSrAT54Z34Do_g-IZT9aiLpMoM8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOgBT9D8UKqrPP5XWuWLiVWsEOxFOnZCkVMQjnIQsV00jBs5NcEEcVxbRJAhYOZm8PnKndA9U1g9Z_ZrlSdbn03G1bGme09eWLISErxLjzfgc5hNA7x0S9uBfmEPzi1HggwKjYj_pvRiBLIB3l5RsWq7A5Zgktd3i3OKkdFe3RILoCOHvN11Pkn4VB79hWLS9gzzpfXf28VcjJDIirt9batgZdS_nDz0tnWO5DqYSSHGBNF82RgAJKW5kfEvtipjPEcTwezVpEvbC2kfkWmlS2rMtlnD2p5gx5DzXuVfEIS2zdyQ-s-gkHYYysAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2T6TinlPfGX7K1pm5n4gb6oi42HA%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-ABL3M9EUEYCuQcCVODwtpqQaDzWMKxTHvfZuoB-qCXQC5dVlTvjZNzxcyiv5fqWhbtPD0Zpa1DJ0zaQ6WO6CzEK1eSsUE8WIFenFzgSIvWlsIhLPVfBsv0i-7PRSOZFNt8Iw_pKhfxuHRYGtNdCbmJ0yOqBw%26cry%3D1%26dbm_d%3DAKAmf-BKLrf_aSEBenozkem_ZlPC7ae0CWH_KEKK2ZMm6DWTa79uPXGJ-bEMS2TxVJo_pMrFzg1-M8RjbCo1dFHIhQFmq4Kpr_hoLryg7j66KFXIrzJ32l209tdkDU5SRgbEKqKBAtzlnedLgkgMLWh6fYf5T8ypRwVzHsBPNYpnvbO5aSrsr0M81PhBahe2J2CArVQQ69-JRlARylJBpn3uQFkvzwzmbq_d-UokWpBYVxCgfoY20iztPcX0r3ROLfyfCxom_LE8Ow9nfOHJHYZlc2EjrG5cYK_c8NPz4KUF_Jl6L1ee-FoEq2fao1rSnIQAo15ekA-IUR5GiYSCpy0BBBA95iFXldv-0n3stWxwlI5CcRkDahjUnjR-SNBTvgSj6R1BwldmzlKmnEg7cAGjV-SI780l2NQzS-ZuMhoKcelQ0mIDkLYr1ECfuEqHpenjupc7jYVX%26adurl%3D&documentReferer=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fid.tellows.net&random=7813478618501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.150 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 77144b1e128cf1a6d5aa50e822e22d761296f0e397b8dc7fb78d9c4f0f4de82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 93338700122440600710584011856008
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1295
Expires: Mon, 31 Jan 2022 11:42:19 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1b0f2e76a3&subid=&uid=e1218a112e404746&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoLqGcv3YaKFOZeSrAT54Z34Do_g-IZT9aiLpMoM8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOgBT9D8UKqrPP5XWuWLiVWsEOxFOnZCkVMQjnIQsV00jBs5NcEEcVxbRJAhYOZm8PnKndA9U1g9Z_ZrlSdbn03G1bGme09eWLISErxLjzfgc5hNA7x0S9uBfmEPzi1HggwKjYj_pvRiBLIB3l5RsWq7A5Zgktd3i3OKkdFe3RILoCOHvN11Pkn4VB79hWLS9gzzpfXf28VcjJDIirt9batgZdS_nDz0tnWO5DqYSSHGBNF82RgAJKW5kfEvtipjPEcTwezVpEvbC2kfkWmlS2rMtlnD2p5gx5DzXuVfEIS2zdyQ-s-gkHYYysAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2T6TinlPfGX7K1pm5n4gb6oi42HA%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-ABL3M9EUEYCuQcCVODwtpqQaDzWMKxTHvfZuoB-qCXQC5dVlTvjZNzxcyiv5fqWhbtPD0Zpa1DJ0zaQ6WO6CzEK1eSsUE8WIFenFzgSIvWlsIhLPVfBsv0i-7PRSOZFNt8Iw_pKhfxuHRYGtNdCbmJ0yOqBw%26cry%3D1%26dbm_d%3DAKAmf-BKLrf_aSEBenozkem_ZlPC7ae0CWH_KEKK2ZMm6DWTa79uPXGJ-bEMS2TxVJo_pMrFzg1-M8RjbCo1dFHIhQFmq4Kpr_hoLryg7j66KFXIrzJ32l209tdkDU5SRgbEKqKBAtzlnedLgkgMLWh6fYf5T8ypRwVzHsBPNYpnvbO5aSrsr0M81PhBahe2J2CArVQQ69-JRlARylJBpn3uQFkvzwzmbq_d-UokWpBYVxCgfoY20iztPcX0r3ROLfyfCxom_LE8Ow9nfOHJHYZlc2EjrG5cYK_c8NPz4KUF_Jl6L1ee-FoEq2fao1rSnIQAo15ekA-IUR5GiYSCpy0BBBA95iFXldv-0n3stWxwlI5CcRkDahjUnjR-SNBTvgSj6R1BwldmzlKmnEg7cAGjV-SI780l2NQzS-ZuMhoKcelQ0mIDkLYr1ECfuEqHpenjupc7jYVX%26adurl%3D&documentReferer=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fid.tellows.net&random=7813478618501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 31 Jan 2022 11:42:19 +0100

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8387 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 151825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame F462 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:37:55 GMT

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame 9A12
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=c952c52bb8&subid=&uid=41a83faa51e6ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=c952c52bb8&subid=&uid=41a83faa51e6ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

103ms
82ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=c952c52bb8&subid=&uid=41a83faa51e6ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSacGcv3YZ-FOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9DVkjRlEbxY0T4GhY7vMMsxJ6kybcUzVlwd6U6zAfIXWBuGoKptAmsPuvQZ6-9Sr3FBdHHngpsitjG0kGr3PhuceLUVLtFincxN_YYfu7cocnOb4hlgPF2ZTni80AP2O0ZOBYcQoglvXcOtneBZ0L7AMj6uyv1_PkOT0WGu6nIcSO_1SEDHf3rApt9PsIT50xl5km3iq0BRfDTN5oio23onz2PvEiDFPiaxURIS6c7faVAi4jPGnZzyqnZeI_E_vBgpJr5LYauvSzwj7eZ7CjZH37ZgYBSeWyirZ4ROBP7bxvxyHkoOwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1nPN6cw15HDAcePl9Tz_nAn6gq6Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C_LTovQa2f3FreCdgte08cikNStk88jQkymTDAYhRTrqcgFR8p-IhNrv-Izqeo9MDfa3-Wn4UrA0TnGfZ5mCpArLhR-CNAIVbzH2ofZy6TE9dx5HvNOznG8TiW14F9yoWjys_npimbhe4f-ESmVGkA1viQNQ%26cry%3D1%26dbm_d%3DAKAmf-CKrdOsjj9O721lM-a_JE0Q3rdyVy3djIUICk5W6Vb3n9uFdKbNVVqV7kR938wStS5MtF7wvqaE2bbl0opExNQdpjfNqbQ9bCD5olP3PsX6qLOz8tq4fbU2B5zDwi6xSmbojhmT3OphtQSOVPOtCRgf2CJ2i5yzd686gfrxadxLZ4Yd0Et-KLBiMr2-jMQ3o0wze5cmMGbd4Plu7OKoeT9c-F3EsFJLF8orGEDOCuYwSbzzvJPV5jSO6Y3W17XdzsbSwdpej94OSXlb7m_BedHul20WQyx2aZm4eZg67xQ2QxTtLNsxuTmzgNV-cKCNaRlzRp2NqS1J5WkHy3GXtl4kXmb3O60Xb7kKOmzF5fp_PwLwXMOOkMT8jAlwnKsIBuVFF-gJd1hlA8Sef-wRGmiGNakSSWndHk_k1-YAHNW9hyEKbjVePcWYJUuB9jPPvlsx1VYK%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=3177708991544&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.150 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1d8a15fabdbc5d71ff3755d94e188a073c29f64a10da2260fc1d03c782bf59b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 89923500122440800757617011856008
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 954
Expires: Mon, 31 Jan 2022 11:42:19 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=c952c52bb8&subid=&uid=41a83faa51e6ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSacGcv3YZ-FOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9DVkjRlEbxY0T4GhY7vMMsxJ6kybcUzVlwd6U6zAfIXWBuGoKptAmsPuvQZ6-9Sr3FBdHHngpsitjG0kGr3PhuceLUVLtFincxN_YYfu7cocnOb4hlgPF2ZTni80AP2O0ZOBYcQoglvXcOtneBZ0L7AMj6uyv1_PkOT0WGu6nIcSO_1SEDHf3rApt9PsIT50xl5km3iq0BRfDTN5oio23onz2PvEiDFPiaxURIS6c7faVAi4jPGnZzyqnZeI_E_vBgpJr5LYauvSzwj7eZ7CjZH37ZgYBSeWyirZ4ROBP7bxvxyHkoOwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1nPN6cw15HDAcePl9Tz_nAn6gq6Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C_LTovQa2f3FreCdgte08cikNStk88jQkymTDAYhRTrqcgFR8p-IhNrv-Izqeo9MDfa3-Wn4UrA0TnGfZ5mCpArLhR-CNAIVbzH2ofZy6TE9dx5HvNOznG8TiW14F9yoWjys_npimbhe4f-ESmVGkA1viQNQ%26cry%3D1%26dbm_d%3DAKAmf-CKrdOsjj9O721lM-a_JE0Q3rdyVy3djIUICk5W6Vb3n9uFdKbNVVqV7kR938wStS5MtF7wvqaE2bbl0opExNQdpjfNqbQ9bCD5olP3PsX6qLOz8tq4fbU2B5zDwi6xSmbojhmT3OphtQSOVPOtCRgf2CJ2i5yzd686gfrxadxLZ4Yd0Et-KLBiMr2-jMQ3o0wze5cmMGbd4Plu7OKoeT9c-F3EsFJLF8orGEDOCuYwSbzzvJPV5jSO6Y3W17XdzsbSwdpej94OSXlb7m_BedHul20WQyx2aZm4eZg67xQ2QxTtLNsxuTmzgNV-cKCNaRlzRp2NqS1J5WkHy3GXtl4kXmb3O60Xb7kKOmzF5fp_PwLwXMOOkMT8jAlwnKsIBuVFF-gJd1hlA8Sef-wRGmiGNakSSWndHk_k1-YAHNW9hyEKbjVePcWYJUuB9jPPvlsx1VYK%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=3177708991544&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 31 Jan 2022 11:42:19 +0100

GET
H/1.1 200
OK request.php Show response
hal900014.redintelligence.net/ Frame 2E7D 3 KB
2 KB 108ms
79ms Script
application/x-javascript 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=91f34977db&subid=&uid=3f4d20f4362b4666&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAKT2Gcv3YaCFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9CCkATrBvwTdf0e-uNVyG31GcGeSyvulZYa8nWMV2YoSu--uucAO9CSIm1aA6NSo2HlkJOH0bg6O7gdoDNL4ugHIEbqAoDWqu-0GKoVdqRuW1sVvyFqyjDcCVepNCh5ESL1AdY2ENPZcSmZku8VAlq1oOn7WZ6y4Eulm6rEHrD_OYkWPmNBp8XmrZJEGc3tPu0EbXZJpjLLjjujAF35rFexyufpM7r_tw7NBdfvIKC64NHv6w1ZrGXKCLuB-JuHC8l3gZC87aNTBLWK1aY-wZzpQOeHrkLa-NQPI_crhCCuKI0ZydP9wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1mfr9bOQHuxRFhl83miuE-_TyWTQ%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C777KbGzKFxxtPfseoP4BWXz5YKA9cc1T9_NCTwlq7rpkSxBgy2vfcgFXQgey5662IA4BooAM061usEeDhisyCnlNeoXRVwiWxtdgG0qcW04KgR_6R1k6n6YTjwbLYWrq_TtbmtOvI9hZ55IoPpEVUDGTckQ%26cry%3D1%26dbm_d%3DAKAmf-BnkPHvz5tG55PzAxyc-QuZuaXH2Jj-GqnUpNKeOLlSa1vGkEBXmy6lxCuMgRnGwkhiQF2woxF12INKaY9A6lISiVOBmFPMfpoqSwL_6A2Y95AVH10H48JII0U_zeho35uOUPpYAAQ9-ss3Q9b7Dw5QYNYUoc1MFNenLArl42d8_VOxNLSIL8OholXYMprfqOlRHsdWHhiQOGfCEBPQInhv8X7_sg1xPD-VUpLR8l9OF5r53ZQLZ_WsgqCWxTSDsjLBd_rrhPh2dwE3M23Y_DLk55_GtJ-4J5mScwOPIxb8s__LhrxXQBUD3upRqqZ-wfMWLCLJ-zbO0H3yVO0B35xpgIUbc1rJbM2i9O8HSqw1E1KVQ8mYn8PDAtRc-s-19DQ91Fh8h8dqj8B0IzFDDWz_eQTPgqTHHQk5wXywLRwdqTsl33NfiQddC50zO3-1Wg8a9gTn%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=988897226757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/kumirww3i0oj?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAKT2Gcv3YaCFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9CCkATrBvwTdf0e-uNVyG31GcGeSyvulZYa8nWMV2YoSu--uucAO9CSIm1aA6NSo2HlkJOH0bg6O7gdoDNL4ugHIEbqAoDWqu-0GKoVdqRuW1sVvyFqyjDcCVepNCh5ESL1AdY2ENPZcSmZku8VAlq1oOn7WZ6y4Eulm6rEHrD_OYkWPmNBp8XmrZJEGc3tPu0EbXZJpjLLjjujAF35rFexyufpM7r_tw7NBdfvIKC64NHv6w1ZrGXKCLuB-JuHC8l3gZC87aNTBLWK1aY-wZzpQOeHrkLa-NQPI_crhCCuKI0ZydP9wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1mfr9bOQHuxRFhl83miuE-_TyWTQ%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C777KbGzKFxxtPfseoP4BWXz5YKA9cc1T9_NCTwlq7rpkSxBgy2vfcgFXQgey5662IA4BooAM061usEeDhisyCnlNeoXRVwiWxtdgG0qcW04KgR_6R1k6n6YTjwbLYWrq_TtbmtOvI9hZ55IoPpEVUDGTckQ%26cry%3D1%26dbm_d%3DAKAmf-BnkPHvz5tG55PzAxyc-QuZuaXH2Jj-GqnUpNKeOLlSa1vGkEBXmy6lxCuMgRnGwkhiQF2woxF12INKaY9A6lISiVOBmFPMfpoqSwL_6A2Y95AVH10H48JII0U_zeho35uOUPpYAAQ9-ss3Q9b7Dw5QYNYUoc1MFNenLArl42d8_VOxNLSIL8OholXYMprfqOlRHsdWHhiQOGfCEBPQInhv8X7_sg1xPD-VUpLR8l9OF5r53ZQLZ_WsgqCWxTSDsjLBd_rrhPh2dwE3M23Y_DLk55_GtJ-4J5mScwOPIxb8s__LhrxXQBUD3upRqqZ-wfMWLCLJ-zbO0H3yVO0B35xpgIUbc1rJbM2i9O8HSqw1E1KVQ8mYn8PDAtRc-s-19DQ91Fh8h8dqj8B0IzFDDWz_eQTPgqTHHQk5wXywLRwdqTsl33NfiQddC50zO3-1Wg8a9gTn%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 13db77e5b8887c6b776244ae3011d4f6e18d3831619ee84d678cdfbc9258eadf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 38979700131350700757617011856014
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 953
Expires: Mon, 31 Jan 2022 11:42:19 +0100

GET
DATA 200
OK truncated
/ Frame 2AF7 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4673a3971c636e3e956e8d78fbf2bd72d01cf82b3fbb7a4debb7b2398eaf74d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame F78B
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
633 B

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://id.tellows.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 300958
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 31 Jan 2022 11:42:19 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C1)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Mon, 31 Jan 2022 11:42:19 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Mon, 31 Jan 2022 11:42:19 GMT
x-transaction: 3e567d75ce5c008d
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 157
x-connection-hash: e8da0dbd572596d7bcd992a1c441b63265d66c1d64f30441a9547a3b4e6dac3c

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DD11 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 151825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 6424 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:37:55 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 142B 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:37:55 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 1524 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:37:55 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 8387 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:37:55 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame DD11 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:37:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 4 KB
1 KB 114ms
70ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e560ba9d885d8f978ffa627e0fa8be56bbc001c8201f6de2ae991cbe6ae50e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1008
date: Mon, 31 Jan 2022 11:42:19 GMT
expires: Tue, 31 Jan 2023 11:42:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2029 0
571 B 179ms
81ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPbhjbkmsfOtDbwox7CulnPdykFYLbyXvqE-xbS2cOfnh36wI3Byg6mS23N_Gu_dIp2nrdjsDRX-xv8opfeCZxsjF6-CKr-h2vHPoceXeKP5mvOonprf1O9J-2Gyh7qmtbiqHcxP9EPPtmb22kEvLvbK9kp5aQb91d4KN98AJs9ntZAd0Ebt4OOaBaVARS0z_s4bZ0UCA_Oy-bfheC39CWY0XxnAvLwQazaANVVg77fO3mlfj3V1dV0nrIE_4ER-2InLGK5JeHdSDwDBSS-AsBA1HlfaBC44FGOsfFTrkpZAYbhFNALKaDN3J0f5fy3Sd3YGRsNbdlAeOLu8I1hnqF5zY7FnrfFsV8t1mgi9CsmSMjh6dO2XjPcSSqa-ratxJfBSX4s5RFY3PWbhMwx6Rf6rvUFh47hIE36ws6vT9FBPs3m5gzxdp0QUy7Q6qQxowNpTJw6eToHkRDq4SQwa-EYWUeCobiRPOzOUkx_SYD13i_YybL6WZAP12JZicKil_TthEs3c3PXuQZhg9sIZzdGynQtuuV8cioIR-e5-NEop9NfoYc8-skbIHJOIVRvDcKk_5FufwRMuKY2uOWBAqDpNx9TBFKDwkyYfRr1wiQdFEBsBSZSZL1x1AviaXTWeSSXbWrS6kgcC09jZf_Y7yS0pVwdREg7hBonuYM2doOhAfA4ybvsT2rIutQs67f27FAgxJPYO5yq7Tp8rdcGseB8sjX-tZHrHU21qt4gLKzQczWh3c0kMj7fYTEtULPf2SamHqOSDgHuEZ457oMweE49jyUF5p-oO6rQgh9IVITZ-Diy0Xf7brcKHeq4MTlcwz7O7LP5QBJ93uLcB5aVL3VXH-umd1Ykp3eC3JSQ49rd2-QXPZvDgbcueZJ0-0RlSGjrgOwcLanSBxdQGLcpQSG50aZv4TyGW5nw7rWScAqauZ9my6DScj1OvVh24uP8O_ONUTRqZ7J0pJgLw7yMaRpPVL8lnEdV2ohypOHkxQ63rN6DlVGVYhKhBmSS7uPF-DPsFbjKRzSQopVT-kkPOesfnQ_KFIJ-nLxySwwntxHFobmBT-t-EpU6-DtK0b3g0hE_WKIROTw1becwc3zlZ1-3Ph5_TLjkt7Bf11TaxpoRxFNz6aq3C-mEYfxgmSMvu01yeKN83RmdIe2a1Tl4i2U9hwbSd-1rmh1J7q54QlsGIs3E_IdexQKke21dhCkRVS1VX896YhyZw&sai=AMfl-YQU5MGtrIbLMmuladjYP7kOSYy2FCFOcREIZ6yChuVUI1K9HEIS3tumV7QNl7eVKDoAFzsQVLJkYd2pWDQIOe8Gj_6uz4lSOJWNS58YAhTXkZ876x-f6x5lSuLnbvzPxqJJxWnLWNiHDcydzO_9Wr8iNobJeQwPJymuPbBLdew3kUi0o0nDCHYCKPaQ3rF9IIm_AfYlDbKWNWRIuGXCav-ZF0PgxQ_AH_Ye-aOgC4ek07VL3alor6hBp4xojmn1&sig=Cg0ArKJSzDyn7RxQZk-QEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=259&cbvp=1&cstd=253&cisv=r20220126.38578&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 31 Jan 2022 11:42:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6657181183598343709/ Frame 55F9 36 KB
6 KB 104ms
72ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6441798447ba251e1090a35dcee01ee8b3e9446325a4c058fabda6090a90a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:19 GMT
expires: Tue, 31 Jan 2023 11:42:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 May 2021 19:27:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2AF7 0
61 B 203ms
115ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfkGsIZIjuDhEiRo-lEVgVbOQ_3oYoY-2NUlFJBQOajqfov7FpmK6Q4xlQi0f5LHXjZuUroNtr0I5wiHPYFzkiJacOU2aSGtRm2Ed4oMPGekUcbD1_8CFCu4puLLB_x8Fjg8iNORncfMPJqf5fRWdovlz3lGbCBT7AIUk2BJi3kQEaNoBfTl8UufVTSrUBzLq0BYYIriJbLTU1MHEAq08ZW9iWrc4j1ooPpwfw7UZbnLYsPL1uXLVtq7VGtRVbmpwP1p2ng3NoDUFCubEV_N5RJtk0t9Muuu_XF4j03uNFTtH3crxtqGdGlZ6VhX-XPnPoCofwyw9h9IhUmr86SFAD5Aoy7h4ioLlrrcoCL_ooTxrGgRILj3MP4keCjXtj-l4WXmgDCM8rpiDbXtkBB22ou7tiRwA9SyaTqan04XCijS9zvfk8n40hERh607iFKIw0bO0uuFS7LiEeXdALbD2ZYfWNvmLRiDqPJOWQAqxKDgUGwfLYV_xCYfnfvt-TPOaJa-4XCAMF_2xVfMXJiIjbEIj68ei1OW8M06KTvO3y06FGW7U7WMnKDRs5u51idgzFkXkB8LxvnuGaq-mjpYRzWRZ8iHpB0nimmTrHuJs_ikq0zHtFrG9-t8GQKfw8yUQE1xHlN53pFbUgfRz9J1aIp43nlqNCTfNylrYbkxQxfdJo9cbUwlvy60vHZp6MWKEbyA9mSsCNJ_Da30D7L10ZpMQn6WVAlf5rqZNXG-2THj2QLfUZH4JZzl8L1hL-vMypMMnwC0jSKtbzL68T9rAtVMlQww2F9qZG-wBnAkCsvfNYzqKz41kV5S4psOeV5tqaCVK9KMOHfIxktyzH1l4mAf5KSrrMiDw98-O0wGYb2UEEJs5uO0iYb1xl9yFO2pTvaZJYytfFrOR5LLG0t0vWjX9g5F-oxjRh8gUmSCq0qv_rIyB0YiQTLopHzouZDM5iQ2gmf1Fj3BYbHSDiRL1Vs5yeqPfeMaXLG7ffIh5OXIs2ECVXh6H3Xx5pzNsQ1IRp9UXg87qJPfJsvZRyqUkDynMqbBkFfB0IHVzJ0UC9A0eLlMMxDcW3UD-XlJWSM3NixuP-ZHHQniusRbuj1pDV3iPP8zi4qrHrKu9iDSG_t-vJ2ie4N4qpKQrgn2kMolW0N3FGx78pUfM3sGRNXq1eqqmE6G_htQtcoeYo9nBGH1VzLSZKDSxA1DX7LVrCV03Leg&sai=AMfl-YRsMMgWM0kQvUJXGAiWywoVD-kJM0aeQ_xVERgCBv2-EtfLSefnGYOqGXc-vjI_UUQFV-qDipCQ1LMCtQTNLJjGreUNuJuYFUWrOpiVEs-vp-TUD6n-NpMusQ4IIU5OuUUPlZEaLJfM2hyuL0-FobbxZ27r9lbxqwMRxTiVPOoP11cTz58AlQrktaA7sHAZq4VRTkzv-ZMCGGAPpwtk79w0Vm6CoR9srzYOJxMo&sig=Cg0ArKJSzE6yls-SbkNIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=250&cbvp=1&cstd=247&cisv=r20220126.77176&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 31 Jan 2022 11:42:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 2AF7
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=4705015&gdpr=&gdpr_consent=
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=4705015&gdpr=&gdpr_c...

42 B
967 B

34ms
34ms

Image
image/gif

54.229.240.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=4705015&gdpr=&gdpr_consent=

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

54.229.240.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-240-78.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-0b8f90721.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0IfgnHFoTUk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v027-08f66671e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: g5ORjDysSTw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=322896887&d_campaign=26938792&d_bust=4705015&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 2AF7 43 B
1 KB 59ms
15ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=25742660&extPm=396917636&extCr=15577050631&gdpr=&gdpr_consent=&rnd=4705015

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Wuppertal, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mo, 31 Jan 2022 11:42:19 GMT
Server: Microsoft-IIS/8.5
Date: Mon, 31 Jan 2022 11:42:18 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 9362 930 B
931 B 42ms
6ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=91f34977db&subid=&uid=3f4d20f4362b4666&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAKT2Gcv3YaCFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9CCkATrBvwTdf0e-uNVyG31GcGeSyvulZYa8nWMV2YoSu--uucAO9CSIm1aA6NSo2HlkJOH0bg6O7gdoDNL4ugHIEbqAoDWqu-0GKoVdqRuW1sVvyFqyjDcCVepNCh5ESL1AdY2ENPZcSmZku8VAlq1oOn7WZ6y4Eulm6rEHrD_OYkWPmNBp8XmrZJEGc3tPu0EbXZJpjLLjjujAF35rFexyufpM7r_tw7NBdfvIKC64NHv6w1ZrGXKCLuB-JuHC8l3gZC87aNTBLWK1aY-wZzpQOeHrkLa-NQPI_crhCCuKI0ZydP9wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1mfr9bOQHuxRFhl83miuE-_TyWTQ%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C777KbGzKFxxtPfseoP4BWXz5YKA9cc1T9_NCTwlq7rpkSxBgy2vfcgFXQgey5662IA4BooAM061usEeDhisyCnlNeoXRVwiWxtdgG0qcW04KgR_6R1k6n6YTjwbLYWrq_TtbmtOvI9hZ55IoPpEVUDGTckQ%26cry%3D1%26dbm_d%3DAKAmf-BnkPHvz5tG55PzAxyc-QuZuaXH2Jj-GqnUpNKeOLlSa1vGkEBXmy6lxCuMgRnGwkhiQF2woxF12INKaY9A6lISiVOBmFPMfpoqSwL_6A2Y95AVH10H48JII0U_zeho35uOUPpYAAQ9-ss3Q9b7Dw5QYNYUoc1MFNenLArl42d8_VOxNLSIL8OholXYMprfqOlRHsdWHhiQOGfCEBPQInhv8X7_sg1xPD-VUpLR8l9OF5r53ZQLZ_WsgqCWxTSDsjLBd_rrhPh2dwE3M23Y_DLk55_GtJ-4J5mScwOPIxb8s__LhrxXQBUD3upRqqZ-wfMWLCLJ-zbO0H3yVO0B35xpgIUbc1rJbM2i9O8HSqw1E1KVQ8mYn8PDAtRc-s-19DQ91Fh8h8dqj8B0IzFDDWz_eQTPgqTHHQk5wXywLRwdqTsl33NfiQddC50zO3-1Wg8a9gTn%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=988897226757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Mon, 31 Jan 2022 11:42:19 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Mon, 07 Feb 2022 11:42:19 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H3

200

activityi;dc_pre=CO_Zubf02_UCFWT_1QodndgFcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066 Show response
5994599.fls.doubleclick.net/ Frame C941
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_Zubf02_UCFWT_1QodndgFcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066?

391 B
345 B

105ms
59ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_Zubf02_UCFWT_1QodndgFcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066?

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

a51a8592a99bf5f98fd7ce183f936e8be0bb6913396f617ccd2fbc202580d571

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jan 2022 11:42:19 GMT
expires: Mon, 31 Jan 2022 11:42:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jan 2022 11:42:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_Zubf02_UCFWT_1QodndgFcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame F5D1 4 KB
2 KB 37ms
11ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=38979700131350700757617011856014&a=a6ab1294
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=91f34977db&subid=&uid=3f4d20f4362b4666&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAKT2Gcv3YaCFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9CCkATrBvwTdf0e-uNVyG31GcGeSyvulZYa8nWMV2YoSu--uucAO9CSIm1aA6NSo2HlkJOH0bg6O7gdoDNL4ugHIEbqAoDWqu-0GKoVdqRuW1sVvyFqyjDcCVepNCh5ESL1AdY2ENPZcSmZku8VAlq1oOn7WZ6y4Eulm6rEHrD_OYkWPmNBp8XmrZJEGc3tPu0EbXZJpjLLjjujAF35rFexyufpM7r_tw7NBdfvIKC64NHv6w1ZrGXKCLuB-JuHC8l3gZC87aNTBLWK1aY-wZzpQOeHrkLa-NQPI_crhCCuKI0ZydP9wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1mfr9bOQHuxRFhl83miuE-_TyWTQ%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C777KbGzKFxxtPfseoP4BWXz5YKA9cc1T9_NCTwlq7rpkSxBgy2vfcgFXQgey5662IA4BooAM061usEeDhisyCnlNeoXRVwiWxtdgG0qcW04KgR_6R1k6n6YTjwbLYWrq_TtbmtOvI9hZ55IoPpEVUDGTckQ%26cry%3D1%26dbm_d%3DAKAmf-BnkPHvz5tG55PzAxyc-QuZuaXH2Jj-GqnUpNKeOLlSa1vGkEBXmy6lxCuMgRnGwkhiQF2woxF12INKaY9A6lISiVOBmFPMfpoqSwL_6A2Y95AVH10H48JII0U_zeho35uOUPpYAAQ9-ss3Q9b7Dw5QYNYUoc1MFNenLArl42d8_VOxNLSIL8OholXYMprfqOlRHsdWHhiQOGfCEBPQInhv8X7_sg1xPD-VUpLR8l9OF5r53ZQLZ_WsgqCWxTSDsjLBd_rrhPh2dwE3M23Y_DLk55_GtJ-4J5mScwOPIxb8s__LhrxXQBUD3upRqqZ-wfMWLCLJ-zbO0H3yVO0B35xpgIUbc1rJbM2i9O8HSqw1E1KVQ8mYn8PDAtRc-s-19DQ91Fh8h8dqj8B0IzFDDWz_eQTPgqTHHQk5wXywLRwdqTsl33NfiQddC50zO3-1Wg8a9gTn%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=988897226757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: ce5e803cb3d08f87ed79c2ad255198e9f2cbec243d8a99464649104aaf0a960d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 31 Jan 2022 11:42:19 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1549
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2E7D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d502c00d7f975639a6650d05f93263824cf70807dd4739af238414fb168cec6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
adv.office-partner.de/ Frame B067 930 B
930 B 17ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=0904fb4e9c&subid=&uid=2680cf8a7737b595&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG71tGcv3YaGFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9D_hotNc96XwaOkpRhnc0mPWrhLY90NxFIHHW2T4i6yxaChaXb0Hhpe2RoEW36kozZbRBTCbvXWJ_iSAkBBMAEbpPRS50HscUfXSIcqAbbOTO9NcFEQM1IcOjh362CxSzwke7c6SyeqisawDqpFrU-7jF0WOsBpqoPE_yN5XPdprc4J78QxsvIYPErA_nGonA9oHUhJ1sLjSXGvXo9HnRaEItB8AyGlrxwS3PIXrJSBIM6UsIE9G8_M0apD4bjBhnlgvg314jb_MT8lled8B1fhNaE57kFU1cidUFSrPQH4eaYNRtYKwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2pIcMPgi_G2P27LvXxGqZmsfgc8Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-BACFFGu0M0P7NnGG-Vblr_0hutmyOVA16ztR75SM1zZ5mT6T7bUo9xv5pkRf5M5zXHYpxQ_pXJmtmW09DGDY2XgVosjo_lC4HdZ3AJJR6L1_drvdpZYBaAAkq1dgFUEbdUv6Lbi7dFgcdUKtS42TrKn5qEgw%26cry%3D1%26dbm_d%3DAKAmf-AAvlRRSlWlkhDlZ3abwDzm9KzA5dDRIR2SPQNB9mopcZPlnYP1ghw2HXb9cwPqizx4q-H5uUA26XynNbzmfB0hNbkdaHOqnpLrbLgdByyd_jOgL-Chq0IqiF-YS75FAucPHQfWOw0UfzD5LqNa5KrfH54Ht-mpKns6rhM9T3plltPej7yGH_y7IkBLPqiZ_qLzowgR7HfOKvubDo_rfI0vF_Zu6oTY5C3q4gKyhtATdCO_Wq-7HEclDNeff1EcOUlJ2YZM-JytyUDmMg82rikhC3N5slG3sudjfIGdjej1CbhZSjUfe0rDoMR6EXemW0MKNfz7v26-RbOMKOOj6SFd7Rcm3Ke60615mfgFFg3OuNPdLuCOA_RSNH-gk-EfqeQTUMpgI-9L6selBF_19_7JogJFCWRltcVkeHBn7ZgRtjF0_DplcIT-suPE-oTKNbwWjcij%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=7650178681431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Mon, 31 Jan 2022 11:42:19 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Mon, 07 Feb 2022 11:42:19 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H3

200

activityi;dc_pre=CM3bubf02_UCFYzd1Qod5ioLPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764 Show response
5994599.fls.doubleclick.net/ Frame D2E3
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3bubf02_UCFYzd1Qod5ioLPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764?

391 B
345 B

104ms
58ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3bubf02_UCFYzd1Qod5ioLPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764?

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

8046707bc8dfcf25a430bf3d908b55be911da5082168956cfb2238bc7b3f6c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jan 2022 11:42:19 GMT
expires: Mon, 31 Jan 2022 11:42:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jan 2022 11:42:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3bubf02_UCFYzd1Qod5ioLPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame 2508 4 KB
2 KB 33ms
12ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=25704100131039600757617011856021&a=d8cc90b8
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=0904fb4e9c&subid=&uid=2680cf8a7737b595&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG71tGcv3YaGFOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9D_hotNc96XwaOkpRhnc0mPWrhLY90NxFIHHW2T4i6yxaChaXb0Hhpe2RoEW36kozZbRBTCbvXWJ_iSAkBBMAEbpPRS50HscUfXSIcqAbbOTO9NcFEQM1IcOjh362CxSzwke7c6SyeqisawDqpFrU-7jF0WOsBpqoPE_yN5XPdprc4J78QxsvIYPErA_nGonA9oHUhJ1sLjSXGvXo9HnRaEItB8AyGlrxwS3PIXrJSBIM6UsIE9G8_M0apD4bjBhnlgvg314jb_MT8lled8B1fhNaE57kFU1cidUFSrPQH4eaYNRtYKwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2pIcMPgi_G2P27LvXxGqZmsfgc8Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-BACFFGu0M0P7NnGG-Vblr_0hutmyOVA16ztR75SM1zZ5mT6T7bUo9xv5pkRf5M5zXHYpxQ_pXJmtmW09DGDY2XgVosjo_lC4HdZ3AJJR6L1_drvdpZYBaAAkq1dgFUEbdUv6Lbi7dFgcdUKtS42TrKn5qEgw%26cry%3D1%26dbm_d%3DAKAmf-AAvlRRSlWlkhDlZ3abwDzm9KzA5dDRIR2SPQNB9mopcZPlnYP1ghw2HXb9cwPqizx4q-H5uUA26XynNbzmfB0hNbkdaHOqnpLrbLgdByyd_jOgL-Chq0IqiF-YS75FAucPHQfWOw0UfzD5LqNa5KrfH54Ht-mpKns6rhM9T3plltPej7yGH_y7IkBLPqiZ_qLzowgR7HfOKvubDo_rfI0vF_Zu6oTY5C3q4gKyhtATdCO_Wq-7HEclDNeff1EcOUlJ2YZM-JytyUDmMg82rikhC3N5slG3sudjfIGdjej1CbhZSjUfe0rDoMR6EXemW0MKNfz7v26-RbOMKOOj6SFd7Rcm3Ke60615mfgFFg3OuNPdLuCOA_RSNH-gk-EfqeQTUMpgI-9L6selBF_19_7JogJFCWRltcVkeHBn7ZgRtjF0_DplcIT-suPE-oTKNbwWjcij%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=7650178681431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 0383dd0c2190b7db3f9bc62ab63d084a761fa51caee3649e2320d3bf4de72cc0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 31 Jan 2022 11:42:19 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1550
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 493A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bf3d3536703498ca8e40f6400282ba48ca33898f0042b60c9c135377b8cccf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
adv.office-partner.de/ Frame B39A 930 B
930 B 8ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1b0f2e76a3&subid=&uid=e1218a112e404746&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoLqGcv3YaKFOZeSrAT54Z34Do_g-IZT9aiLpMoM8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOgBT9D8UKqrPP5XWuWLiVWsEOxFOnZCkVMQjnIQsV00jBs5NcEEcVxbRJAhYOZm8PnKndA9U1g9Z_ZrlSdbn03G1bGme09eWLISErxLjzfgc5hNA7x0S9uBfmEPzi1HggwKjYj_pvRiBLIB3l5RsWq7A5Zgktd3i3OKkdFe3RILoCOHvN11Pkn4VB79hWLS9gzzpfXf28VcjJDIirt9batgZdS_nDz0tnWO5DqYSSHGBNF82RgAJKW5kfEvtipjPEcTwezVpEvbC2kfkWmlS2rMtlnD2p5gx5DzXuVfEIS2zdyQ-s-gkHYYysAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2T6TinlPfGX7K1pm5n4gb6oi42HA%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-ABL3M9EUEYCuQcCVODwtpqQaDzWMKxTHvfZuoB-qCXQC5dVlTvjZNzxcyiv5fqWhbtPD0Zpa1DJ0zaQ6WO6CzEK1eSsUE8WIFenFzgSIvWlsIhLPVfBsv0i-7PRSOZFNt8Iw_pKhfxuHRYGtNdCbmJ0yOqBw%26cry%3D1%26dbm_d%3DAKAmf-BKLrf_aSEBenozkem_ZlPC7ae0CWH_KEKK2ZMm6DWTa79uPXGJ-bEMS2TxVJo_pMrFzg1-M8RjbCo1dFHIhQFmq4Kpr_hoLryg7j66KFXIrzJ32l209tdkDU5SRgbEKqKBAtzlnedLgkgMLWh6fYf5T8ypRwVzHsBPNYpnvbO5aSrsr0M81PhBahe2J2CArVQQ69-JRlARylJBpn3uQFkvzwzmbq_d-UokWpBYVxCgfoY20iztPcX0r3ROLfyfCxom_LE8Ow9nfOHJHYZlc2EjrG5cYK_c8NPz4KUF_Jl6L1ee-FoEq2fao1rSnIQAo15ekA-IUR5GiYSCpy0BBBA95iFXldv-0n3stWxwlI5CcRkDahjUnjR-SNBTvgSj6R1BwldmzlKmnEg7cAGjV-SI780l2NQzS-ZuMhoKcelQ0mIDkLYr1ECfuEqHpenjupc7jYVX%26adurl%3D&documentReferer=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fid.tellows.net&random=7813478618501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Mon, 31 Jan 2022 11:42:19 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Mon, 07 Feb 2022 11:42:19 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H2

200

htlp Show response
futalis.de/ Frame 7DF9
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=93338700122440600710584011856008&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1182519362

350 B
409 B

47ms
16ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1182519362
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1b0f2e76a3&subid=&uid=e1218a112e404746&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoLqGcv3YaKFOZeSrAT54Z34Do_g-IZT9aiLpMoM8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOgBT9D8UKqrPP5XWuWLiVWsEOxFOnZCkVMQjnIQsV00jBs5NcEEcVxbRJAhYOZm8PnKndA9U1g9Z_ZrlSdbn03G1bGme09eWLISErxLjzfgc5hNA7x0S9uBfmEPzi1HggwKjYj_pvRiBLIB3l5RsWq7A5Zgktd3i3OKkdFe3RILoCOHvN11Pkn4VB79hWLS9gzzpfXf28VcjJDIirt9batgZdS_nDz0tnWO5DqYSSHGBNF82RgAJKW5kfEvtipjPEcTwezVpEvbC2kfkWmlS2rMtlnD2p5gx5DzXuVfEIS2zdyQ-s-gkHYYysAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2T6TinlPfGX7K1pm5n4gb6oi42HA%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-ABL3M9EUEYCuQcCVODwtpqQaDzWMKxTHvfZuoB-qCXQC5dVlTvjZNzxcyiv5fqWhbtPD0Zpa1DJ0zaQ6WO6CzEK1eSsUE8WIFenFzgSIvWlsIhLPVfBsv0i-7PRSOZFNt8Iw_pKhfxuHRYGtNdCbmJ0yOqBw%26cry%3D1%26dbm_d%3DAKAmf-BKLrf_aSEBenozkem_ZlPC7ae0CWH_KEKK2ZMm6DWTa79uPXGJ-bEMS2TxVJo_pMrFzg1-M8RjbCo1dFHIhQFmq4Kpr_hoLryg7j66KFXIrzJ32l209tdkDU5SRgbEKqKBAtzlnedLgkgMLWh6fYf5T8ypRwVzHsBPNYpnvbO5aSrsr0M81PhBahe2J2CArVQQ69-JRlARylJBpn3uQFkvzwzmbq_d-UokWpBYVxCgfoY20iztPcX0r3ROLfyfCxom_LE8Ow9nfOHJHYZlc2EjrG5cYK_c8NPz4KUF_Jl6L1ee-FoEq2fao1rSnIQAo15ekA-IUR5GiYSCpy0BBBA95iFXldv-0n3stWxwlI5CcRkDahjUnjR-SNBTvgSj6R1BwldmzlKmnEg7cAGjV-SI780l2NQzS-ZuMhoKcelQ0mIDkLYr1ECfuEqHpenjupc7jYVX%26adurl%3D&documentReferer=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fid.tellows.net&random=7813478618501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

date: Mon, 31 Jan 2022 11:42:19 GMT
server: Apache
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1182519362
content-length: 0
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 58C5 1 KB
2 KB 247ms
133ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=93338700122440600710584011856008&nw=1
Requested by: Host: id.tellows.net
URL: https://id.tellows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: e276f506381e356144db52f1e3b18e0bb2d653b23533ec24ad153015bdd76ca5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Last-Modified: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1233
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CMHSu7f02_UCFcUeBgAdKm8GXA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413 Show response
8019191.fls.doubleclick.net/ Frame BF21
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHSu7f02_UCFcUeBgAdKm8GXA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413?

392 B
348 B

107ms
57ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHSu7f02_UCFcUeBgAdKm8GXA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413?

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

6c80825a3f01e39d634394e2e76a6d9a03fae3af9d11b0b2282ccfacede9a872

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jan 2022 11:42:19 GMT
expires: Mon, 31 Jan 2022 11:42:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 325
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jan 2022 11:42:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHSu7f02_UCFcUeBgAdKm8GXA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame F8B5 7 KB
2 KB 33ms
12ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=93338700122440600710584011856008&a=ef2f65fc
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1b0f2e76a3&subid=&uid=e1218a112e404746&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoLqGcv3YaKFOZeSrAT54Z34Do_g-IZT9aiLpMoM8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOgBT9D8UKqrPP5XWuWLiVWsEOxFOnZCkVMQjnIQsV00jBs5NcEEcVxbRJAhYOZm8PnKndA9U1g9Z_ZrlSdbn03G1bGme09eWLISErxLjzfgc5hNA7x0S9uBfmEPzi1HggwKjYj_pvRiBLIB3l5RsWq7A5Zgktd3i3OKkdFe3RILoCOHvN11Pkn4VB79hWLS9gzzpfXf28VcjJDIirt9batgZdS_nDz0tnWO5DqYSSHGBNF82RgAJKW5kfEvtipjPEcTwezVpEvbC2kfkWmlS2rMtlnD2p5gx5DzXuVfEIS2zdyQ-s-gkHYYysAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_2T6TinlPfGX7K1pm5n4gb6oi42HA%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-ABL3M9EUEYCuQcCVODwtpqQaDzWMKxTHvfZuoB-qCXQC5dVlTvjZNzxcyiv5fqWhbtPD0Zpa1DJ0zaQ6WO6CzEK1eSsUE8WIFenFzgSIvWlsIhLPVfBsv0i-7PRSOZFNt8Iw_pKhfxuHRYGtNdCbmJ0yOqBw%26cry%3D1%26dbm_d%3DAKAmf-BKLrf_aSEBenozkem_ZlPC7ae0CWH_KEKK2ZMm6DWTa79uPXGJ-bEMS2TxVJo_pMrFzg1-M8RjbCo1dFHIhQFmq4Kpr_hoLryg7j66KFXIrzJ32l209tdkDU5SRgbEKqKBAtzlnedLgkgMLWh6fYf5T8ypRwVzHsBPNYpnvbO5aSrsr0M81PhBahe2J2CArVQQ69-JRlARylJBpn3uQFkvzwzmbq_d-UokWpBYVxCgfoY20iztPcX0r3ROLfyfCxom_LE8Ow9nfOHJHYZlc2EjrG5cYK_c8NPz4KUF_Jl6L1ee-FoEq2fao1rSnIQAo15ekA-IUR5GiYSCpy0BBBA95iFXldv-0n3stWxwlI5CcRkDahjUnjR-SNBTvgSj6R1BwldmzlKmnEg7cAGjV-SI780l2NQzS-ZuMhoKcelQ0mIDkLYr1ECfuEqHpenjupc7jYVX%26adurl%3D&documentReferer=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fd8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fid.tellows.net&random=7813478618501&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 23f362cbc36d77f9c0e1868da9ed800715b606b3ea98ac190499c734cca1621b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 31 Jan 2022 11:42:19 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2049
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 58C5 43 B
705 B 89ms
60ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=93338700122440600710584011856008&pv=1

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 58C5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 289df2775d53f3b10b6a7dd17ffcfbbabb32c760814af44efec3a63bce9eb414

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
adv.office-partner.de/ Frame 9371 930 B
930 B 6ms
6ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=c952c52bb8&subid=&uid=41a83faa51e6ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSacGcv3YZ-FOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9DVkjRlEbxY0T4GhY7vMMsxJ6kybcUzVlwd6U6zAfIXWBuGoKptAmsPuvQZ6-9Sr3FBdHHngpsitjG0kGr3PhuceLUVLtFincxN_YYfu7cocnOb4hlgPF2ZTni80AP2O0ZOBYcQoglvXcOtneBZ0L7AMj6uyv1_PkOT0WGu6nIcSO_1SEDHf3rApt9PsIT50xl5km3iq0BRfDTN5oio23onz2PvEiDFPiaxURIS6c7faVAi4jPGnZzyqnZeI_E_vBgpJr5LYauvSzwj7eZ7CjZH37ZgYBSeWyirZ4ROBP7bxvxyHkoOwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1nPN6cw15HDAcePl9Tz_nAn6gq6Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C_LTovQa2f3FreCdgte08cikNStk88jQkymTDAYhRTrqcgFR8p-IhNrv-Izqeo9MDfa3-Wn4UrA0TnGfZ5mCpArLhR-CNAIVbzH2ofZy6TE9dx5HvNOznG8TiW14F9yoWjys_npimbhe4f-ESmVGkA1viQNQ%26cry%3D1%26dbm_d%3DAKAmf-CKrdOsjj9O721lM-a_JE0Q3rdyVy3djIUICk5W6Vb3n9uFdKbNVVqV7kR938wStS5MtF7wvqaE2bbl0opExNQdpjfNqbQ9bCD5olP3PsX6qLOz8tq4fbU2B5zDwi6xSmbojhmT3OphtQSOVPOtCRgf2CJ2i5yzd686gfrxadxLZ4Yd0Et-KLBiMr2-jMQ3o0wze5cmMGbd4Plu7OKoeT9c-F3EsFJLF8orGEDOCuYwSbzzvJPV5jSO6Y3W17XdzsbSwdpej94OSXlb7m_BedHul20WQyx2aZm4eZg67xQ2QxTtLNsxuTmzgNV-cKCNaRlzRp2NqS1J5WkHy3GXtl4kXmb3O60Xb7kKOmzF5fp_PwLwXMOOkMT8jAlwnKsIBuVFF-gJd1hlA8Sef-wRGmiGNakSSWndHk_k1-YAHNW9hyEKbjVePcWYJUuB9jPPvlsx1VYK%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=3177708991544&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Mon, 31 Jan 2022 11:42:19 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Mon, 07 Feb 2022 11:42:19 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H3

200

activityi;dc_pre=CLXbubf02_UCFZyH1Qod0n4AHg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705 Show response
5994599.fls.doubleclick.net/ Frame CDD3
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLXbubf02_UCFZyH1Qod0n4AHg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705?

392 B
347 B

106ms
59ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLXbubf02_UCFZyH1Qod0n4AHg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705?

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

ee2a35af0759720f5a796850568638c1f42cf615c6692203c1c3fd62a8705a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jan 2022 11:42:19 GMT
expires: Mon, 31 Jan 2022 11:42:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jan 2022 11:42:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLXbubf02_UCFZyH1Qod0n4AHg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame 7CE1 4 KB
2 KB 33ms
11ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=89923500122440800757617011856008&a=8f1c4ec6
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=kumirww3i0oj&nw=20&renderingType=javascript&namespace=c952c52bb8&subid=&uid=41a83faa51e6ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSacGcv3YZ-FOZeSrAT54Z34Dt2t6Khgz-rP5J8K8C4QASCZtL4aYJXikIKgB8gBCakCJRqvJca9sj6oAwGqBOcBT9DVkjRlEbxY0T4GhY7vMMsxJ6kybcUzVlwd6U6zAfIXWBuGoKptAmsPuvQZ6-9Sr3FBdHHngpsitjG0kGr3PhuceLUVLtFincxN_YYfu7cocnOb4hlgPF2ZTni80AP2O0ZOBYcQoglvXcOtneBZ0L7AMj6uyv1_PkOT0WGu6nIcSO_1SEDHf3rApt9PsIT50xl5km3iq0BRfDTN5oio23onz2PvEiDFPiaxURIS6c7faVAi4jPGnZzyqnZeI_E_vBgpJr5LYauvSzwj7eZ7CjZH37ZgYBSeWyirZ4ROBP7bxvxyHkoOwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M%26sig%3DAOD64_1nPN6cw15HDAcePl9Tz_nAn6gq6Q%26client%3Dca-pub-7355140920468051%26dbm_c%3DAKAmf-C_LTovQa2f3FreCdgte08cikNStk88jQkymTDAYhRTrqcgFR8p-IhNrv-Izqeo9MDfa3-Wn4UrA0TnGfZ5mCpArLhR-CNAIVbzH2ofZy6TE9dx5HvNOznG8TiW14F9yoWjys_npimbhe4f-ESmVGkA1viQNQ%26cry%3D1%26dbm_d%3DAKAmf-CKrdOsjj9O721lM-a_JE0Q3rdyVy3djIUICk5W6Vb3n9uFdKbNVVqV7kR938wStS5MtF7wvqaE2bbl0opExNQdpjfNqbQ9bCD5olP3PsX6qLOz8tq4fbU2B5zDwi6xSmbojhmT3OphtQSOVPOtCRgf2CJ2i5yzd686gfrxadxLZ4Yd0Et-KLBiMr2-jMQ3o0wze5cmMGbd4Plu7OKoeT9c-F3EsFJLF8orGEDOCuYwSbzzvJPV5jSO6Y3W17XdzsbSwdpej94OSXlb7m_BedHul20WQyx2aZm4eZg67xQ2QxTtLNsxuTmzgNV-cKCNaRlzRp2NqS1J5WkHy3GXtl4kXmb3O60Xb7kKOmzF5fp_PwLwXMOOkMT8jAlwnKsIBuVFF-gJd1hlA8Sef-wRGmiGNakSSWndHk_k1-YAHNW9hyEKbjVePcWYJUuB9jPPvlsx1VYK%26adurl%3D&documentReferer=https%3A%2F%2Fid.tellows.net%2F&ancestorOrigins=https%3A%2F%2Fid.tellows.net&random=3177708991544&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 25caf4708898cc333703a0fb8d35cb2ac16f246492afc28d17d8247295982457

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 31 Jan 2022 11:42:19 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1550
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9A12 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36b7fe9968e00d8d78a39c1c1104fb1212c636c60a56ba5797a76452a1fb1a0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame F8B5 4 KB
649 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=93338700122440600710584011856008&a=ef2f65fc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 10:29:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 11:42:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F8B5 16 KB
16 KB 34ms
12ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=93338700122440600710584011856008&a=ef2f65fc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 69adc3521490ab84dd5cbb453be79fcacb2af9215d1321958f10d78ef4830fec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16532
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F8B5 13 KB
13 KB 37ms
13ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=93338700122440600710584011856008&a=ef2f65fc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 36b4321888e9019100a224541888d3d86f9d313ad1785b9208ea5d378b158e5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12988
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F8B5 14 KB
14 KB 37ms
13ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=93338700122440600710584011856008&a=ef2f65fc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5e41f7c73e799b66a683829c36b786330e6093ab737c117dba9b6eac477b3fee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14130
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 hp_styles.css
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 3 KB
892 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34d57a38efd1887eb56ad60de0cd26756d98399e39a5e03fc237ff4c0011f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 863
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 08:45:30 GMT

GET
H3 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4BA4 113 KB
39 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jan 2022 11:42:19 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4BA4 118 KB
40 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 12:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jan 2022 12:03:55 GMT

GET
H3 200 hp_main.js Show response
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 6 KB
995 B 57ms
56ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/hp_main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

327dba6ac35159fac6cb978732f69261976d4d6c50a0e5b9fb4cea53b98e929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/index.html?e=69&leftOffset=0&topOffset=0&c=dQYDjGt0x3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 966
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 08:45:30 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/6657181183598343709/ Frame 55F9 6 KB
2 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6657181183598343709/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2392bb69de9eb1e9efad1da54204d43b70c52e5b6004b053d1e645fac906ac3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1741
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 22:09:12 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 55F9 109 KB
37 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 10:57:00 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 55F9 59 KB
22 KB 52ms
33ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 532064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw%2FLyymtt1ZLsvcybC9yUgLNlyYnI0Uc4XyQOlg0f2m2G1YzQDq5y7JquP9MqZ%2FwvBb029piHej6VHSetx5S0op8X5WuOOd8ZgWtbvJdD18x%2Bfcl%2BWVgPYOPwdPpqBRi46oeZhi5AEXNsoPk9j0VAT7L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d62ad0e7ffe8ff4-FRA
expires: Sat, 21 Jan 2023 11:42:19 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 7DF9 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1182519362
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:19 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame F5D1 0
150 B 34ms
12ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=38979700131350700757617011856014&a=a4bff230&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=38979700131350700757617011856014&a=a6ab1294
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=38979700131350700757617011856014&a=a6ab1294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame F5D1 1 KB
2 KB 186ms
134ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2699595&wgcampaignid=99582&js=1&nw=1&clickref=38979700131350700757617011856014&viewref=38979700131350700757617011856014&cp=385812962
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=38979700131350700757617011856014&a=a6ab1294
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 68bc01f479482039aa2775b9b582aefebf616c2a3aad5265f68402907ce53245

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Last-Modified: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1268
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F5D1 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 9362 81 KB
32 KB 134ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21f852aad35b6931f67d623de312594a235b6b75ad298a1e815361251a727e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32052
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jan 2022 11:42:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame B067 81 KB
31 KB 176ms
90ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21f852aad35b6931f67d623de312594a235b6b75ad298a1e815361251a727e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32052
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jan 2022 11:42:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame B39A 81 KB
31 KB 218ms
132ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

962b4b8105e0dd777ea211212c4831d905e375d4f90ed105742704ccfd4df89f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32054
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jan 2022 11:42:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 9371 81 KB
31 KB 199ms
114ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cf6a9c2946f97affab4a58cab0210a3d457f848c117d8d6489cc0d06a725b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32054
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jan 2022 11:42:20 GMT

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 2508 0
150 B 34ms
13ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=25704100131039600757617011856021&a=744c5046&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=25704100131039600757617011856021&a=d8cc90b8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=25704100131039600757617011856021&a=d8cc90b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 2508 1 KB
2 KB 195ms
144ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2699595&wgcampaignid=99582&js=1&nw=1&clickref=25704100131039600757617011856021&viewref=25704100131039600757617011856021&cp=804240068
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=25704100131039600757617011856021&a=d8cc90b8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: f93e9e43b188d414f82e3cef8ae158253b31a9d6859c14715703bb31658903e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Last-Modified: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1268
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2508 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 7CE1 0
150 B 36ms
14ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=89923500122440800757617011856008&a=1a2c77cd&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=89923500122440800757617011856008&a=8f1c4ec6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=89923500122440800757617011856008&a=8f1c4ec6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 7CE1 1 KB
2 KB 186ms
136ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2699595&wgcampaignid=99582&js=1&nw=1&clickref=89923500122440800757617011856008&viewref=89923500122440800757617011856008&cp=347299007
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=89923500122440800757617011856008&a=8f1c4ec6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 681d6824d4f58b09e6582a46dd662cde18eb13e843cd650553bea635b6ee94d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:19 GMT
Last-Modified: Mon, 31 Jan 2022 11:42:19 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1268
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7CE1 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 dc_pre=CM3bubf02_UCFYzd1Qod5ioLPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764
adservice.google.com/ddm/fls/z/ Frame D2E3 42 B
63 B 72ms
72ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM3bubf02_UCFYzd1Qod5ioLPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3bubf02_UCFYzd1Qod5ioLPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2286817078095.764?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CO_Zubf02_UCFWT_1QodndgFcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066
adservice.google.com/ddm/fls/z/ Frame C941 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO_Zubf02_UCFWT_1QodndgFcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_Zubf02_UCFWT_1QodndgFcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4867842463345.066?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CLXbubf02_UCFZyH1Qod0n4AHg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705
adservice.google.com/ddm/fls/z/ Frame CDD3 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLXbubf02_UCFZyH1Qod0n4AHg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLXbubf02_UCFZyH1Qod0n4AHg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1640571741040.9705?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F462 0
20 B 82ms
78ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B24lFG8v3YYOxCJaP7_UPicm1kAwAAAAAOAHgBAI&bg=!MzClMHTNAAY6OBv_Ojg7ACkAdvg8WnLyuM4wk1wtTyzOfYBRlCcBRfSxw21z4IQxOmOjj1zmeZoJQAIAAAGbUgAAAAJoAQcKAAX-Sa973pkC_FE4g6GCnmxc081t0JBPfy-HVxV3DuTSZsiup-TM1J2wnJaRQHtSUta7WuKQXqwuPkLz4T6ipN1EDPy9-tA_PfdvUz38bbR4o5gQfggVl2mfKLHVV2Ylt4lARP1d8X9_Mq1eQRvyb17V1UvNklnaws1Nmr7hzx_G_Nc56k-nnSninKd23FXvTLjs6xBdHPr5oToK6kq40GXLLS3q-EsEoGaODK6cgi6FE8V8iLGkM6K-ISHK0hgmUA8btaEkjxWjYEgqEh7YRGGNwUMqYaC9Htitl3nIOHqQB3mf-FO21LzlNPRFKR25VHtiz98BSXRKbmo5-BP5wBIlZY8e4bKSIGgUPFa1eVm258-HxJV-6Jy1YHwVsXNPzZFpM1wAqGz7euHQMCxhyJpDLiKUdH2MhqdwAvX9sag_CnODtI-Yb3DHHTMEruJSPFCHhJSFc-MD_9o4RpBKwun2d9GURJxWQKROTdhQgjttTTpgb65ZT2mx0a9mb1nhwVfoPEb-YeNgQCxGcf1Lnr0uHqLlST3L6YkFgx_ddkTYVU-CJtBZl3CUXmuUyUL1gfhK9ZDGhnP9-qp5FO1hlFUq4zO0d4G19wp_r76MlEzpfE_vknxRvFonZoD93Imm2tcoZQO4rGSpIOO8Taxl4DU3bQQsi_oiELeFh-lT6G0YsN3Y_XRphNkdhxuCBLL2Jbx_dIZF58q_n22_QcLQF4AykRHNik7PC9xlEZ9XLgXyrWH5Eo5c6Gwxj2A0kMTysvsuf8h3DeemnFQm5ZnWr_KiY7uDUWfngTB0_11iPs7LEV04wY2W8iR2U8H67gbHGMbF4DawjVg6rK5bBIyg-gUeuat5XlKSav7D0qlQjz_Pzrd4_itTPzqo_KpJOHeS-nGerloYIaghdbEDAp8vHqRWF-YAR3AXHDwmoW5t85qOy5JjZZjUKAtUzlbcUm4po4vU4ZGeGEDdYYwYCgkUNv8EsUKPWdZKTWqeiL3JPWkKZ4_UN6THquQ67tg7cr3MptLkkO9V

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 58C5 51 KB
51 KB 45ms
8ms Script
application/javascript 18.66.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=93338700122440600710584011856008&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 19593
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 31 Jan 2022 06:15:47 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: sC49VcG4iIOtih-dnWSpEd2i0JFyxNHNoUAUTEJUz49a96GfWO7klw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 58C5 3 KB
3 KB 83ms
32ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=94819200124945700710584011856006&wglinkid=2513145
Requested by: Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:20 GMT
Last-Modified: Mon, 31 Jan 2022 11:42:20 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 dc_pre=CMHSu7f02_UCFcUeBgAdKm8GXA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413
adservice.google.com/ddm/fls/z/ Frame BF21 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMHSu7f02_UCFcUeBgAdKm8GXA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHSu7f02_UCFcUeBgAdKm8GXA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2657624173478.3413?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame F8B5 0
150 B 46ms
21ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=93338700122440600710584011856008&a=1ba314c7&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=93338700122440600710584011856008&a=ef2f65fc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=93338700122440600710584011856008&a=ef2f65fc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 11:42:20 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame F8B5 13 KB
13 KB 137ms
49ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90008.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 21:39:33 GMT
x-content-type-options: nosniff
age: 568967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 24 Jan 2023 21:39:33 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame F8B5 13 KB
13 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90008.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 14:56:27 GMT
x-content-type-options: nosniff
age: 420353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 14:56:27 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2AF7 0
23 B 122ms
75ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfkGsIZIjuDhEiRo-lEVgVbOQ_3oYoY-2NUlFJBQOajqfov7FpmK6Q4xlQi0f5LHXjZuUroNtr0I5wiHPYFzkiJacOU2aSGtRm2Ed4oMPGekUcbD1_8CFCu4puLLB_x8Fjg8iNORncfMPJqf5fRWdovlz3lGbCBT7AIUk2BJi3kQEaNoBfTl8UufVTSrUBzLq0BYYIriJbLTU1MHEAq08ZW9iWrc4j1ooPpwfw7UZbnLYsPL1uXLVtq7VGtRVbmpwP1p2ng3NoDUFCubEV_N5RJtk0t9Muuu_XF4j03uNFTtH3crxtqGdGlZ6VhX-XPnPoCofwyw9h9IhUmr86SFAD5Aoy7h4ioLlrrcoCL_ooTxrGgRILj3MP4keCjXtj-l4WXmgDCM8rpiDbXtkBB22ou7tiRwA9SyaTqan04XCijS9zvfk8n40hERh607iFKIw0bO0uuFS7LiEeXdALbD2ZYfWNvmLRiDqPJOWQAqxKDgUGwfLYV_xCYfnfvt-TPOaJa-4XCAMF_2xVfMXJiIjbEIj68ei1OW8M06KTvO3y06FGW7U7WMnKDRs5u51idgzFkXkB8LxvnuGaq-mjpYRzWRZ8iHpB0nimmTrHuJs_ikq0zHtFrG9-t8GQKfw8yUQE1xHlN53pFbUgfRz9J1aIp43nlqNCTfNylrYbkxQxfdJo9cbUwlvy60vHZp6MWKEbyA9mSsCNJ_Da30D7L10ZpMQn6WVAlf5rqZNXG-2THj2QLfUZH4JZzl8L1hL-vMypMMnwC0jSKtbzL68T9rAtVMlQww2F9qZG-wBnAkCsvfNYzqKz41kV5S4psOeV5tqaCVK9KMOHfIxktyzH1l4mAf5KSrrMiDw98-O0wGYb2UEEJs5uO0iYb1xl9yFO2pTvaZJYytfFrOR5LLG0t0vWjX9g5F-oxjRh8gUmSCq0qv_rIyB0YiQTLopHzouZDM5iQ2gmf1Fj3BYbHSDiRL1Vs5yeqPfeMaXLG7ffIh5OXIs2ECVXh6H3Xx5pzNsQ1IRp9UXg87qJPfJsvZRyqUkDynMqbBkFfB0IHVzJ0UC9A0eLlMMxDcW3UD-XlJWSM3NixuP-ZHHQniusRbuj1pDV3iPP8zi4qrHrKu9iDSG_t-vJ2ie4N4qpKQrgn2kMolW0N3FGx78pUfM3sGRNXq1eqqmE6G_htQtcoeYo9nBGH1VzLSZKDSxA1DX7LVrCV03Leg&sai=AMfl-YRsMMgWM0kQvUJXGAiWywoVD-kJM0aeQ_xVERgCBv2-EtfLSefnGYOqGXc-vjI_UUQFV-qDipCQ1LMCtQTNLJjGreUNuJuYFUWrOpiVEs-vp-TUD6n-NpMusQ4IIU5OuUUPlZEaLJfM2hyuL0-FobbxZ27r9lbxqwMRxTiVPOoP11cTz58AlQrktaA7sHAZq4VRTkzv-ZMCGGAPpwtk79w0Vm6CoR9srzYOJxMo&sig=Cg0ArKJSzE6yls-SbkNIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=825&vt=11&dtpt=575&dett=3&cstd=247&cisv=r20220126.77176&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rtl-logo.png
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 7 KB
7 KB 38ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/rtl-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f4a748958a16bd77976b3e9d7211c7f7a46adaf0b2437102704504231cf330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:30 GMT
x-content-type-options: nosniff
age: 529010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7352
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 08:45:30 GMT

GET
H3 200 bgImg1.jpg
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 37 KB
37 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/bgImg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c8db5c51c25883440a1767306a8ae4fc718431827ac787b5f312199e03ab703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:30 GMT
x-content-type-options: nosniff
age: 529010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37376
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 08:45:30 GMT

GET
H3 200 txt_sprite01.png
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 5 KB
5 KB 39ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/txt_sprite01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56943f906adb9ce499f5b083801e3502cf69b3f0ecfbc2401ba3299d265c795b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:30 GMT
x-content-type-options: nosniff
age: 529010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4975
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 08:45:30 GMT

GET
H3 200 txt_sprite02.png
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 8 KB
8 KB 40ms
40ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/txt_sprite02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c034af9e40c3e319dc5d3b4a5f286064c1a45f5e32adf96172a4da27ec71663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:30 GMT
x-content-type-options: nosniff
age: 529010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7685
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 08:45:30 GMT

GET
H3 200 cta_01.png
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 2 KB
2 KB 44ms
44ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/cta_01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc532b862f1293ba8828145d9590d8cd8728976cb26f6ada4e33ad71adf649b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:30 GMT
x-content-type-options: nosniff
age: 529010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2140
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 08:45:30 GMT

GET
H3 200 cta_02.png
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 2 KB
2 KB 45ms
44ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/cta_02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d31872073e36d062fab678c1339ca6f5de3c14f4d4fffc2ffd7213a3ffa3f1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:30 GMT
x-content-type-options: nosniff
age: 529010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2128
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 08:45:30 GMT

GET
H3 200 logo_ende.png
s0.2mdn.net/sadbundle/6914087382532819084/ Frame 4BA4 1 KB
1 KB 45ms
45ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6914087382532819084/logo_ende.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cad2d4899cea0cbd878832fff3ba8dc2407f4909533c532c340d52386c9a487e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6914087382532819084/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:30 GMT
x-content-type-options: nosniff
age: 529010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:19:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 08:45:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6424 0
20 B 74ms
72ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMl9tG8v3YeHwCOaD7_UPlJ-3wAsAAAAAOAHgBAI&bg=!2Nul25_NAAY6OBv_Ojg7ACkAdvg8WnIXhnExoJfiTTALfRCZCZzd4wGb_6wNsdT63_u_nqny1ybHWQIAAAG5UgAAAAJoAQeZA1yjxdK0_cs41wE2AfhThZoJX9RqNpDrGS7fIY6EXugpvq1hktpjt-RIq-N-G0Idi2cXmJobGNj02Y19mRJrxMggtyczp-GG-UamspP-80dNZ7C3T9iI5rZdiK8iYFMddjjE5-nmk0FGWUN1brCSVul4tGjUdRs9e-y-lUK0-QwhbqT-W8FyDHcs10g5YddDRoANhwW517BsTxWzAcKgvg5Vj0mq26pwHqhs0xHyW7q0tQ_7eWvxusEmBe5kgVqSRiCjp89RgRYlabHdqe9hZLjJqCFuX-lodY9n44fONgHsA_Z0RyMhHycxp0wE3UtsnRyOvxK5XdARNQWPMn3-9Aqg-yqOuxyJvF-MBygFFzYsDcom-7py4kGUD4Rl4lHxvAFgOB8849U0MzZ_ZBQRJP8DMMqA4YzRTgguGGVTcYwqpMpigPg80MKcRtEoBq7g9p68dfp0DHvXO4JN0mrA-jOjzSAS9Z75Kb6TR1iPUg0IrMqZGwUtIKSqe-yvLUC-t2_Z-AZqXhst5mRI_KBXHFBG1gHqw4ba1srIbGPaCVG_GpoxfBPCb1cGVuXWVTh8i-I_P9pBMD-y1740fe3IwT3pTpFKrrmBVb0EwppVDRgxSfDA11eVsFtrW8gBCk7QUYjMN_Im56yIy_b8zgse8jYBDGKr-mfa_Ml8JW8YWtm555zubU_ceYM8jV5IU2P6YSuRefrtaSm2P1Rcme8cT7aECXE10hJsFI5FHL7748Q87BXDuxTipTyHfJwVlFsM_QZfmu_iPC7QZDNbqz7lbnoz7nz3vTSD1kM36I_MgVCraobxgqoE-R4OrZPbDq65yg_wNJaz2nwTBMPhQhMZ6zvswBwQ_1nBc6zTNB7mWL1HHftxfKh5RTN37D06NEd7C-HyYGRCP58pNW4SncYqmKbrooXy6CYbdsMdYC-c6DJ2hFfUFKI8ddJzm-QclLUDLBt48mjgLGfeGupcxHlsZHdaFPg5HTOXBOQ6C1aYgKev0cgr5SIE_l_-MOs-OMUE1pmU518xvOGbIELW8i8gLeW2PAp6cMfUugjOWA8wdkh1HrSzRs1shcVQTpF0ZnLuqS_UG8YehsLuQ9rjdB59S26pYDok7EZCpx5nTNPHffOBvzpSNRsh9hUZ9r3F2A

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD11 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5JGgG8v3YYmgCdfU7_UPm72okA8AAAAAOAHgBAI&bg=!VFelVxPNAAY6OBv_Ojg7ACkAdvg8WvpXHn9UA2rSeWMxEDTwBuoGHBOhO_xWRZQuauJP4cy5z8JAjwIAAAGAUgAAAAJoAQeZAwmG4MkYHalypK1h6eRdksl7t4RHvSSIHsUoFkFXcEDQdifvGny_CK8c4zcJfiJym8-dGcHL0mtiqcBxTP7LWuzafL7N-Dk17Fih7UgiR3a4IueO4PHII2ir_8483tnrIKkFvfqdEgy3ZaYn7fE_eIuu6ZNTEuKD-hpSBWVsv63HBqSsS7eUDKjv-Zzhz4r8gqnVI5PZfp3ne41fr0QgslIma_WafQSY1DZe2crSpILXOnq-dRGVdDzNZr9mbiUmNV3Tg0GC9ceQ74DmMz4RH6Ad_MpVbO_5qsNGRjvRdPnQ-94cd0aDPSc6Jkyl1ov4SudocAzp2f0SzHZNvd5VPr43KlqPO6aT6R0hXFyQ366MA9QnZLjIHnCW9GHVV6Sa7LSUCH_VQN-vt5x3g6UP6l2E33xuIS3KEP4zKPqmu8OMOftEzjLrjYtpYfd2BTUBTUps9HZOnYXDdEg24OuUQd2ePzNVC0FbFFEpo4x1GNT4Ntb9qppLOpbW2yQnNhmx34o-TLAgvW7oTcVQEYSzjkAtPp7FWC44gBN3qqHS1oRvmEoRBuYMbYZv15kvavIPdXhH8-KWYT8xe3vhVCAVzW0bKaE8BDXGDILDdxfKAQTAbbP5x-hGna0LWc30KbOVelC87C1iCd6wxou24HuHNdCz84AHV4wYRWjmD6MK-85R98FyChHHKkZkAIBy4hNuaQ8COrqRUc7C7nOTg01YmRuFxegOzn-xtshfz_JFm2Oy4tciOYM47pDt2BibqPXHWkcEA-l6vfnX4HS74gcAByafgn7UohUpmE9JnqYNXzV8CugWww96tssFzmqy7wWx8RIcfSYy7F-ddNB8MclYArF77GNHwZj-2eSUs8A-mjJeLieVmIuvcas9c8OujajzDE3y96j5L4AcgIGYaEj11kfMyD0lBUfZy3FbUUv0_zFMqpFYd5xIprTMiw5LmOoqQO0Lspwmz8E_xvMz1afNQ-RKmXEsVtM72azHT2piQCmZDtso1uUrTM__XLLXGu2f1DFyugmmWzts8aI

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2029 0
23 B 76ms
76ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPbhjbkmsfOtDbwox7CulnPdykFYLbyXvqE-xbS2cOfnh36wI3Byg6mS23N_Gu_dIp2nrdjsDRX-xv8opfeCZxsjF6-CKr-h2vHPoceXeKP5mvOonprf1O9J-2Gyh7qmtbiqHcxP9EPPtmb22kEvLvbK9kp5aQb91d4KN98AJs9ntZAd0Ebt4OOaBaVARS0z_s4bZ0UCA_Oy-bfheC39CWY0XxnAvLwQazaANVVg77fO3mlfj3V1dV0nrIE_4ER-2InLGK5JeHdSDwDBSS-AsBA1HlfaBC44FGOsfFTrkpZAYbhFNALKaDN3J0f5fy3Sd3YGRsNbdlAeOLu8I1hnqF5zY7FnrfFsV8t1mgi9CsmSMjh6dO2XjPcSSqa-ratxJfBSX4s5RFY3PWbhMwx6Rf6rvUFh47hIE36ws6vT9FBPs3m5gzxdp0QUy7Q6qQxowNpTJw6eToHkRDq4SQwa-EYWUeCobiRPOzOUkx_SYD13i_YybL6WZAP12JZicKil_TthEs3c3PXuQZhg9sIZzdGynQtuuV8cioIR-e5-NEop9NfoYc8-skbIHJOIVRvDcKk_5FufwRMuKY2uOWBAqDpNx9TBFKDwkyYfRr1wiQdFEBsBSZSZL1x1AviaXTWeSSXbWrS6kgcC09jZf_Y7yS0pVwdREg7hBonuYM2doOhAfA4ybvsT2rIutQs67f27FAgxJPYO5yq7Tp8rdcGseB8sjX-tZHrHU21qt4gLKzQczWh3c0kMj7fYTEtULPf2SamHqOSDgHuEZ457oMweE49jyUF5p-oO6rQgh9IVITZ-Diy0Xf7brcKHeq4MTlcwz7O7LP5QBJ93uLcB5aVL3VXH-umd1Ykp3eC3JSQ49rd2-QXPZvDgbcueZJ0-0RlSGjrgOwcLanSBxdQGLcpQSG50aZv4TyGW5nw7rWScAqauZ9my6DScj1OvVh24uP8O_ONUTRqZ7J0pJgLw7yMaRpPVL8lnEdV2ohypOHkxQ63rN6DlVGVYhKhBmSS7uPF-DPsFbjKRzSQopVT-kkPOesfnQ_KFIJ-nLxySwwntxHFobmBT-t-EpU6-DtK0b3g0hE_WKIROTw1becwc3zlZ1-3Ph5_TLjkt7Bf11TaxpoRxFNz6aq3C-mEYfxgmSMvu01yeKN83RmdIe2a1Tl4i2U9hwbSd-1rmh1J7q54QlsGIs3E_IdexQKke21dhCkRVS1VX896YhyZw&sai=AMfl-YQU5MGtrIbLMmuladjYP7kOSYy2FCFOcREIZ6yChuVUI1K9HEIS3tumV7QNl7eVKDoAFzsQVLJkYd2pWDQIOe8Gj_6uz4lSOJWNS58YAhTXkZ876x-f6x5lSuLnbvzPxqJJxWnLWNiHDcydzO_9Wr8iNobJeQwPJymuPbBLdew3kUi0o0nDCHYCKPaQ3rF9IIm_AfYlDbKWNWRIuGXCav-ZF0PgxQ_AH_Ye-aOgC4ek07VL3alor6hBp4xojmn1&sig=Cg0ArKJSzDyn7RxQZk-QEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=934&vt=11&dtpt=675&dett=3&cstd=253&cisv=r20220126.38578&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F5D1 51 KB
51 KB 7ms
7ms Script
application/javascript 18.66.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2699595&wgcampaignid=99582&js=1&nw=1&clickref=38979700131350700757617011856014&viewref=38979700131350700757617011856014&cp=385812962
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 19594
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 31 Jan 2022 06:15:47 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: p5KB69FXUTsEcEFkhQJmPEvy1WC-iMVEKX93SL2qwyAZ8K9r4g5GjQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame F5D1 20 KB
20 KB 80ms
29ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=50279900120746000757617011856030&wglinkid=2699595
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=38979700131350700757617011856014&a=a6ab1294
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 756fe85c6f30abfd6bbf5a5558bf66936781c86fd61bb6bfce3dfe622256daf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:20 GMT
Last-Modified: Mon, 31 Jan 2022 11:42:20 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 55F9 33 KB
33 KB 37ms
37ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:35:48 GMT
x-content-type-options: nosniff
age: 392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jan 2022 11:50:48 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 55F9 6 KB
5 KB 100ms
54ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b39755fca27608f5c4a5e94c27c3aca27fd01e2c3d1c7892fd7e10894ecfef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4711
x-xss-protection: 0

GET
H3 200 blank.png_1621952972643_blank.png
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 55F9 95 B
120 B 38ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/blank.png_1621952972643_blank.png

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 18:14:57 GMT
x-content-type-options: nosniff
age: 581243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:29:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:14:57 GMT

GET
H3 200 DCO_1258_Ultimate_Value_0301_300x250_1.jpg_1643189560069_DCO_1258_Ultimate_Value_0301_300x250_1.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 55F9 50 KB
50 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_1258_Ultimate_Value_0301_300x250_1.jpg_1643189560069_DCO_1258_Ultimate_Value_0301_300x250_1.jpg

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf62824066ef9539251d7fac30277154d1edae7eddfc6b2cd57acebda138e896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 12:02:36 GMT
x-content-type-options: nosniff
age: 430784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51332
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 09:32:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 12:02:36 GMT

GET
H3 200 DCO_1258_Ultimate_Value_0301_300x250_2.jpg_1643189560069_DCO_1258_Ultimate_Value_0301_300x250_2.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 55F9 41 KB
41 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_1258_Ultimate_Value_0301_300x250_2.jpg_1643189560069_DCO_1258_Ultimate_Value_0301_300x250_2.jpg

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0087bb6ba3158917863040bf1d3476ad3ddce4d2bdbce7fd22ecff6b0c1282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 12:02:36 GMT
x-content-type-options: nosniff
age: 430784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42270
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 09:32:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 12:02:36 GMT

GET
H3 200 DCO_1258_Ultimate_Value_0301_300x250_3.jpg_1639565481337_DCO_1258_Ultimate_Value_0301_300x250_3.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 55F9 51 KB
51 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_1258_Ultimate_Value_0301_300x250_3.jpg_1639565481337_DCO_1258_Ultimate_Value_0301_300x250_3.jpg

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2774f69aa8a78fba1065c25d3678edab6761571c71beaf8e0527b4c7135b599e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:00:43 GMT
x-content-type-options: nosniff
age: 531697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52680
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 10:51:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 08:00:43 GMT

GET
H3 200 DCO_1258_Ultimate_Value_0301_300x250_4.jpg_1639565481337_DCO_1258_Ultimate_Value_0301_300x250_4.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 55F9 55 KB
55 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_1258_Ultimate_Value_0301_300x250_4.jpg_1639565481337_DCO_1258_Ultimate_Value_0301_300x250_4.jpg

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3915512868e8ea2385fe119164abe020135f1892cacbf390bea82200db3e7f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:00:43 GMT
x-content-type-options: nosniff
age: 531697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56367
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 10:51:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 08:00:43 GMT

GET
H3 200 DCO_1258_Ultimate_Value_0301_300x250_5.jpg_1639565481337_DCO_1258_Ultimate_Value_0301_300x250_5.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 55F9 37 KB
37 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_1258_Ultimate_Value_0301_300x250_5.jpg_1639565481337_DCO_1258_Ultimate_Value_0301_300x250_5.jpg

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7824bdd0ec871d0ef26483099b1726eb3c0c733cc79683780a786dabca7fd3b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=P1fGF4i7C8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 09:04:26 GMT
x-content-type-options: nosniff
age: 268674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37860
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 10:51:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 09:04:26 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2508 51 KB
51 KB 7ms
7ms Script
application/javascript 18.66.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2699595&wgcampaignid=99582&js=1&nw=1&clickref=25704100131039600757617011856021&viewref=25704100131039600757617011856021&cp=804240068
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 19594
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 31 Jan 2022 06:15:47 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: 0SCReT2O0KAP-teC7TNGKT_AHHdNKMiwW-ujO2KJvMqlIldtJYigUw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 2508 20 KB
20 KB 84ms
34ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=50279900120746000757617011856030&wglinkid=2699595
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2699595&wgcampaignid=99582&js=1&nw=1&clickref=25704100131039600757617011856021&viewref=25704100131039600757617011856021&cp=804240068
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 756fe85c6f30abfd6bbf5a5558bf66936781c86fd61bb6bfce3dfe622256daf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:20 GMT
Last-Modified: Mon, 31 Jan 2022 11:42:20 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7CE1 51 KB
51 KB 9ms
9ms Script
application/javascript 18.66.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2699595&wgcampaignid=99582&js=1&nw=1&clickref=89923500122440800757617011856008&viewref=89923500122440800757617011856008&cp=347299007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 19594
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 31 Jan 2022 06:15:47 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: f9wbhOKY40U0V5BU-kJhWrJ71caMoc1e5Ghev_Ppvz4oKBugA44YlQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 7CE1 20 KB
20 KB 83ms
33ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=50279900120746000757617011856030&wglinkid=2699595
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2699595&wgcampaignid=99582&js=1&nw=1&clickref=89923500122440800757617011856008&viewref=89923500122440800757617011856008&cp=347299007
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 756fe85c6f30abfd6bbf5a5558bf66936781c86fd61bb6bfce3dfe622256daf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 11:42:20 GMT
Last-Modified: Mon, 31 Jan 2022 11:42:20 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4BA4 6 KB
5 KB 86ms
50ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de2b3829ea0f1157ec520a9a81805ecd27bf940789a902ae164ad1f16606f892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4675
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 142B 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBF79G8v3Yf6pCaGh9u8PotWu6AcAAAAAOAHgBAI&bg=!XF-lXxvNAAY6OBv_Ojg7ACkAdvg8WgemHjprIu_DFGCOQUxxSBQoiHvl4IZBHUEbkxU5FjXj4BK45QIAAAIZUgAAAAFoAQcKAE2_tAqJ42pO7dI2eEDUCdkt8Yu8mZijskRFpun4dh9hCXGy4Z-sf665TKTx2-CTYt9ar6tDmbKhitYHL-SyKnNVaWLrzM6ZTuexbbxeHJkDHilx9o_5_bsWg4hCba0i5-uQIz_-y4EIb7qOzpySIj5jxLxNxqvFbWnq2-ihpSGaRRQWlft4T5CPwOOJYVsfSDAXQilB3VgLTlKHD_zo1OyEL2SGHxCODdrcPgLXUTZSYTvE2vpXxOHK3cwDzvm2WFWZHlp17g3MRknRxxAm9Gpk8LZ057lNJ5An81zFceqreGKSjS-_keJcM4lfciuNvGH9AjYQqYOWoFDd_Z9k0MS3KjQZGCFUWkbyvc9fBz4A8lhP62vltJDmc7LG6TO6QC_T--uc_TWkaZUU5qE0Uf7k8A-qDuNDL64JdVpai8TqBEj91LWOtXClFjO5zkuWJV8Z-aSd-Ejalx62_ZIppraB2xGhRMxy6RbVZkZtGcEgBv3ojehjYWiTiDYKy94kXbghTI76Jpz9PRnVE6QUjGhAlrbz7fAYctzd0L4BnBmav8DuNtJZ2cmKUaZel_0W1lLLoM19dOonbJXiLceHR8J25OooiUbmXU--o5p-jE27up4ua-kAqzV46mSqe7gSOZD-HaRRfAsqmsNSc-YWVsDWHfCF4LLI3jlqz9OY76eLyZL_OEg8TuHTOVENARlSw3psRtuTQ-AbqK8N4BlNOF2HNluI33gVr0_pxAWsGl-BohruxaI1vFiQ3Fg78FHaSbX-E_o96laKWoPL6EroXHT6mcPbcdU1sQ8IoZNaYIZmH1iJbA_DoACTK_kFoxuYy0JKQHsef3zuLbwTM0LcNNaXBhoaxm3wTtJonp_TNje0LVLM90BzFNbKgqiYqQgLKfdadjDEQZDAnRHFhUFNRQFiu50O0ZbqMW2U9mKkVtr30xjTKo0dcxnkK0HG_YhN9zlVFcytj4xJkbWYk_dIJmYmR9p53SL3cbCucJP3OB_C-Pq2VYucma0A-pkcQ5GsfGqwbZV7sua9HUhE0Miliksut8GJPhwjasosJu9HMq3Bs4CMKlw8juZTNwArXOnpn7DEZpgZu86m8xqcagFoRO3vp_3mL3wOqQy0W2406D6GEM_QxF-HX7zlTR4AMq91h0HF_taVrxpue4b5YMJj4g

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1524 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlqN2G8v3YdzGCdiR7_UPyfi_iA4AAAAAOAHgBAI&bg=!nZ6lntrNAAY6OBv_Ojg7ACkAdvg8WsHmmc5mORQ4_ANF-fhAb15FJpD3Yh1m3gGHnpcC6yzpUQAI3AIAAAIdUgAAAAZoAQcKAAmCzWi2b4u1WDaZAx4jCjDU8aN36D6wnTjV3kY2PUxffNm9awfuzErtHijllpZZ5wXJCUUE5hM4niouW-cVWB2QUqGp8Sw0mcdjqrPolXuhsoAdLEqIo2PcuCAHvbvLLek0kGo0VStzGnK58owQbCUEGijC5BXoDo1xuyA243qyNUrkN03N6NtKgsXZG68fHPx5vj1PpG9rDYqrNYx-lSrh7miqD0Gp-wC4czS570gCk790y5SBiEA0xEDgXj1LEpNzx7o8AA0R8uHdwZndRmCk6ske-6nGqBTrZwnnbx2yZe4VZ10tp7t71vTiwUoiahX6DlW79CS1OxOCTqdgzVkC4Lui-8agfhCL9PyM_XOcjKfVUdT83zlZNz6406pM2LnRFGQAJe1i5pMIEz_dQEIWb1SfiC8H8ApkWGtNzgSluxjDxURVYvOKoXNXjqmK8TMW6drHF-Ym1yLkwD7_-81G_kwhKerw-kQwCi6JZgDPz6Bb7vWbpLzHboMQKkrX_mU306ezBnWCQfQqgtoX0HZN7npaOfNcPkGEfwLv6TnvdOW1prtgSkRu5Uz0VxuYCPDtzVz2-sxA6QbC2VLRJPhIvBp5_Yk2qh2qzaNBG6ItRrB6yu0_31HhbQnBqLCqBNHr1v0wnsMhGnScuBDaspu4mmn7LC4Bj361kkGcW2Ff2yuwTHXRJHaay6PSbo0UqLNwbzMDobGjgNuJ6e3BYozln6a0zSxur7U42flWDuQg4OuQ0HqoG4UHUZaPC5puc34yZJGHboFkyp-DS8xR1S_kp3NZIYEJ3pkP_X42B9k0rTMMisFsK6hSo74-o2SDTdtoTa45Y-sbP1dn6lPCRvAzECN_JgGXNjJvSImo3AzCoHNiC4OLpUnuyDEl0mlEk2P-sahaOMWnPixYgs8ysO78Nnv28RqvqNqynzL8GRGbW8tsJoh9SVyobUMJTEhhEMbbpxOKIU6mfU_-u1uLFWYgNoiiQSpBK8puSziyjUH65bLKDtGdJcHyxXJP4LwPYa8ErGN-a3CQGdGk9dVCB9KAIGiuSH2IrI8HUOYufalYAcZVSNdafRa0ni4

Requested by

Host: d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
URL: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8387 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2pF0G8v3YeH9B-DV7_UPzuCosAYAAAAAOAHgBAI&bg=!y8ilyIzNAAY6OBv_Ojg7ACkAdvg8Wg1IE6J-zjLf79wT6z44phnHwnxk2WeWzXGtg1Lc_Ebz9jexOQIAAAHnUgAAAAloAQeZAyxBT8yuxa18qsxem8hJajvupsIRTYDdZuVeKT2MfSV53h3rWMpLj7TMKzCxtsLl_CJhYVDfBxVAlGnYL6g4VAbG9nv84fwJBys4keYjBZw183Vh_8jWZ42M5bOoWXlRkUlqkWRVddtB6CGVij3G2BzcTyV4suMPDFadut-LnRbcvkhD2d8H4m-JBukesWokwg7-jHN9OU_KodeOAaFGrBIoaO3DygJMV8cT1rlQLHUubGJmG577YPpW3e2X2QL1ZCYMdYj5MoR7QzSAgLSxrSpoWAByXGFou6JrHUqlsxlUao03ZvXR6Nnw8GbmZniP2TbZzHdwvo2z2V0BNqsKMuP0TWojLSQJxJNc_evUyYICg7V84sKVIKZwsUy85aKy5HSZI_CBPGuvMeGqDnbVXihyHtF-vFI3R_Tq58JwOqn43zpYHg2netjtPHkZ482pDPnkNobepzaz9ynQ6Rg4vdnTrzzSfip6RTQYUtO99_O24eacdOw7QH1ToX0j9a1rNqYRJT6_iClXiwQ1EDoWJmZho7hu50LTKeaBMZZiMBXf-qijF19wkZdlC6bdJA7B44hZlcAw_1DzymnVpE_OLTKACp340ExKvBdzGy1gwbEendslCnbPOn3xeuPsjfC5h4UTdoLOUU6kW9hqpOvvE1bB0wGo4QVFKpK2TJJ8zzpTLESDF8aFifAxBIRsDpKouigRPhLo4I1RM9ndTBh0s87pOmMAliaGnjo4Bslg9wRkmjCXtzlcZKY61q13sfHYyvuOcIH5C2qSgGYvA19V0LT-XfCWc1rx_DJZGgz1ohpWGpOLz-zI6FC-CA5b5b5W1vz-_wHW2ElXyFdt7XgH9HHLwNUd8a_00aEL7dkcSFqHtbvTIPHgQE5DaVDRR8nzZgSNEGb0mH_nUwsJQmeGINXYr9pMsq8J8UamPIelOZfT2Ez5Htpx7YdxNrqRPpOGogPbR30KCfvvQC9xcgRekBW85vkoAGPuN8V13IqJrRjfY1DsZI1-LBI_Ob-rypV0JRLeda4vtnz8ut_U9w2nKXBcsQIb2YFijx36tcah6FVLR51bHKk6BfRQ71B6aA

Requested by

Host: id.tellows.net
URL: https://id.tellows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4BA4 17 KB
6 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 55F9 17 KB
6 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 52ms
51ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012505&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54ac80f01c18c9d7870b31d284bf313106c739f5158a153d9a7c790d297bf63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9009
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 140ms
140ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 11:42:20 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 83F2 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:37:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2AF7 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXI7cz_DOfo9A32Q92k2hDguY4JncayasR97WGTH_MyGJ0HuQNL9ACc5bPSP7ddNYqqtPQ8BItu-Uz0DGv0llzU48ar1ZLkqG5YDaY4nh3Idbsi5ZArw&sai=AMfl-YSe_x8wacmO9M-CKdIR8ly21SmjQaUEhSH28WaaOEQXNHO9m8YvqdmyCMvPlVGGMJ-JxfDNlg90PfvkWMmtwvhdb5Dw-Z1G9gOP5OkBIg&sig=Cg0ArKJSzOIBBX0Xd-x_EAE&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&id=lidar2&mcvt=1000&p=498,485,748,785&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3940275376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643629338957&rpt=455&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 1355 35 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:37:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2029 42 B
64 B 81ms
81ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstb41BZfs7Jdv228WFYiDxLdsxmlwKwWiwXndcpTdxofW3gMDwsGjsdjblvlnZRaclfWdgoTq2YeH3qltS4JKrZpIHhnVe3otSrSg7Dr8LRTMbWWwqnwA&sai=AMfl-YS4o5wjY9s2N3nq9SSZgHZq48BIxtGUGBN7GEhCqbL0aWwuLJEIcO5X79mDWpVo2VB99FrS2HREgWikiJpWu89NtXIffn6cG7jPDKLVCw&sig=Cg0ArKJSzAkvSlEnpz7QEAE&cid=CAQSLgCNIrLMzHdV--873-IgwoJOz6MsODZ82wtqJzDA0v22LOU1COZ2e3wvH5-oU7M&id=lidar2&mcvt=1005&p=180,1261,220,1302&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3080137025&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643629338954&rpt=350&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 22A0 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 11:40:04 GMT
expires: Tue, 31 Jan 2023 11:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 003B 783 B
534 B 92ms
46ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5820fcacd56ab0c6f84f8c8e32fcf88f23f2bf5f2b92b309353c3913aff360ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8twkrq4e/2yGZfABmvrEvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 31 Jan 2022 11:42:20 GMT
date: Mon, 31 Jan 2022 11:42:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8twkrq4e/2yGZfABmvrEvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 22A0 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:37:55 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 58C5 16 B
232 B 82ms
82ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jan 2022 11:42:21 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 114ms
29ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 31 Jan 2022 11:42:21 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F5D1 16 B
232 B 82ms
82ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hal900014.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jan 2022 11:42:21 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
28ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hal900014.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 31 Jan 2022 11:42:21 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7CE1 16 B
232 B 113ms
112ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hal90008.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jan 2022 11:42:21 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 28ms
28ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hal90008.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 31 Jan 2022 11:42:21 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2508 16 B
232 B 86ms
86ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hal900021.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jan 2022 11:42:21 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 28ms
28ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hal900021.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 31 Jan 2022 11:42:21 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 003B 0
0 85ms
85ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012505&jk=1609483219590685&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame 22A0 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012505&jk=1609483219590685&bg=!hoWlhcHNAAY6OBv_Ojg7ACkAdvg8Wm2IhacNoCdRas5N77YD6GZ1ZF7M5YlQnbDJ4HPmJcbX7XGnTgIAAADHUgAAAAJoAQcKAI5mf6zW6dVLYrtrtjTIEy79xdz21BnV0Fs7Et6wSJGBhjVS59x8HGoHP8KOwCuQ88NAsXIKyo0NkZWDiwMzUbP45-QCc48kG82P9iQu-7iABypwtQCIcDalOL3rydqONixPPzJYSBsBg7Qh8UUFkwNkbYo4tmkAqrXN8WIFnmLK8pCYhwWezTd00K7GZjgBmQLQD_tlEKvCnsOEv-ab_uFDwjoykffkBIglLVcroheATXhW_ZigUPGO8kPKr7YUDVd7L7b-pR3F-JBYVVzlYNJbxCRO_aTH9ibAmNZzRIC-b6WDAvfaBfzMH7SjPT7zfBI__9hf_2ZxwjqxCDc0cYmQJjNoOxNlP-As50rF_yg3RSVFXxICM4ZtxPrmOGlrZ6IJ-Us0nb3CNUvRCiknxHId_T-nZ7IOBMLvc6KybCHu_lhF0MQPN7gXit5WjwCQEUxYY2IfD3jXRdHqrm3ohYlXXFeZNpigM_tXbU0NJC45zAVeVDdLz6Gou3HzzB0Kq1dn1Ck5pkun3nDN6-94XvG7NPmgbhSjfeO2AOga4MUQMOxN20ZHjJpnptH4bCa5QgKA7N97nrk88m7X46ZeUz4lrgXpUbCm_ivMBC5bpSHa0RWj0ipHHktxW4LwtBTs_QsVx-_OLXtt6sIoVqOvzswnWeVbfBFag0RIyRhdK38itMgW5fHGpllx08d6tcg3KHt4P4drMsUt8Rs4kp-CcHLA48kH0RHBGgNG5wWLt1G5VFJdP_bDR6NYkCDqoiiYgH3BQJyXIVZiKozUhF_earm_QbLR0qHvq-KFk89zheHA3VKiW5JJGnmrjxh2q8yGDMCTJ4zI2MeuCNM3M94QbB87gtlcaZZY9xonKJQ9Y4ucVSqMGDPDxF0qT7w2uMBSA6nDN7eBouGh5mZdQl454K0amY_oYl0j0efZGXzZRKiqWwW1GqJIIqnBMkz6GcQt94U80VW9shcwte6f0sU3VFLq38xKXDqpZ3p1F4w3pp-fEEcPfXHW8m95xczPfXTjrsWuL3GFzog5LV954schWGItFXIOyQ_8y3Z9KOfJ5yclCtkXJ91HVAVzbKlNuXCG1Dq162HfPWdabOmLDcyo8YvJ2PIymSTPpyI_VURCPCleNSsmR2JoXbcigW7jwfqqFfSY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.tellows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 11:42:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?8GLB_Q

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
id.tellows.net/	1969-12-31 23:59:59	Name: _session Value: ef2rklrohp8mpnkl4u3crtk7sb
id.tellows.net/	1970-01-20 18:05:01	Name: __utma Value: 1.1744312839.1643629338.1643629338.1643629338.1
id.tellows.net/	1969-12-31 23:59:59	Name: __utmc Value: 1
id.tellows.net/	1970-01-20 04:56:37	Name: __utmz Value: 1.1643629338.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
id.tellows.net/	1970-01-20 00:33:49	Name: __utmt Value: 1
id.tellows.net/	1970-01-20 00:33:51	Name: __utmb Value: 1.1.10.1643629338
.tellows.net/	1970-01-20 09:55:25	Name: __gads Value: ID=8a93bc9922d4fd92:T=1643629337:S=ALNI_MZ7VtLYqnwjCnGEtTtZZnGwUOvtVQ
.casalemedia.com/	1970-01-20 09:19:25	Name: CMID Value: YffLG-YSYejnhQF1.-.N3QAA
.casalemedia.com/	1970-01-20 02:43:25	Name: CMPS Value: 3268
.adnxs.com/	1970-01-20 02:43:25	Name: uuid2 Value: 6400473027036619716
.doubleclick.net/	1970-01-20 09:55:25	Name: IDE Value: AHWqTUlP1LkMJZOEgu_XZ7bItPZQb3hGnE3k27CpNQLFc86qPshMkuNcS_zieIdkRqQ
.casalemedia.com/	1970-01-20 02:43:25	Name: CMPRO Value: 1149
.casalemedia.com/	1970-01-20 00:35:15	Name: CMST Value: YffLG2H3yxsA
.adnxs.com/	1970-01-20 02:43:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU'h.f!=!]tbPl1M>e)ZlrFUfJ+tGXxpO:=Rw5Lx30Q:<j?6MX!$OEY%PH_KBlDua[ZmbpRzqF1`b_qC>!tC
.casalemedia.com/	1970-01-20 09:19:25	Name: CMRUM3 Value: 2d61f7cb1b2760CAESELesOzcuDtwkiys9JVovx7k
.doubleclick.net/	1970-01-20 00:33:52	Name: DSID Value: NO_DATA
.redintelligence.net/	1970-01-20 02:43:25	Name: 8lcfmzhxc8d6_uid Value: 04821b392fdb7467
m.exactag.com/	1970-01-20 02:43:25	Name: exactag_new_gk Value: b494d5a2c123457298357c66527aeae7%7c01.04.2022+11%3a42%3a19
m.exactag.com/	1970-01-20 04:53:01	Name: exactag_new_uk Value: bb7f59e9d5834d6a93df9c9ee22dcb79%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 326063b040af46f38cd50032
.retailads.net/	1970-01-20 01:17:01	Name: ppb2172 Value: 1182519362
.demdex.net/	1970-01-20 04:53:01	Name: demdex Value: 79395694139405298411663240502543005324
.awin1.com/	1970-01-20 00:36:42	Name: awpv11830 Value: 296283\|1643629339\|d8d0c0e3-828a-11ec-8c3f-2264c4c094f2
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357066:2338577
.skydeutschland.demdex.net/	1970-01-20 04:53:01	Name: skydeutschland Value: 79395694139405298411663240502543005324
.futalis.de/	1970-01-20 02:00:13	Name: raSIDb Value: 1182519362
.office-partner.de/	1970-01-21 00:33:49	Name: source Value: {"webgains_webgains":{"timestamp":1643629340248,"clickCookie":false}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.retailads.net
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
d8a0e792ee69fd665530b8a8ef22d05f.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900021.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
id.tellows.net
m.exactag.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel.adsafeprotected.com
platform.twitter.com
s0.2mdn.net
securepubads.g.doubleclick.net
skydeutschland.demdex.net
ssl.google-analytics.com
static.adsafeprotected.com
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
tpc.googlesyndication.com
104.111.239.217
104.244.42.200
138.201.63.150
138.201.64.38
142.250.184.226
142.250.185.198
142.250.186.162
144.76.238.55
172.217.23.98
176.9.26.250
18.66.97.126
184.30.20.241
185.33.220.243
2600:9000:223f:7a00:8:48e:53c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2606:4700:3037::6815:597d
2606:4700::6810:135e
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:812::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a01:4f8:d0a:2321::2
2a0b:4d07:102::1
46.236.13.147
49.12.16.151
52.50.67.198
54.229.240.78
54.72.0.164
85.14.248.91
0383dd0c2190b7db3f9bc62ab63d084a761fa51caee3649e2320d3bf4de72cc0
04b8a050856056ec7cafc1623d1cb72a4c4016d96a1203b7ba6ce38df88b5f08
0592b2770e290ac31de5709fc712ec5e8a558871ba441cb1186dbf25f82ed9e6
05e64122fbfaddb159dd1afc0f21ebd44d1364fbf912f19fe9f6cf89e760dcd7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13db77e5b8887c6b776244ae3011d4f6e18d3831619ee84d678cdfbc9258eadf
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18abe09a99a8295febee74dabf836b90fca2ec3ace7946305f4f450968d31dc8
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1a81da962ba300addfcec11c8ae7f4a495ee437de0dc6fbd603934db202a901f
1bf3d3536703498ca8e40f6400282ba48ca33898f0042b60c9c135377b8cccf5
1d8a15fabdbc5d71ff3755d94e188a073c29f64a10da2260fc1d03c782bf59b9
1e560ba9d885d8f978ffa627e0fa8be56bbc001c8201f6de2ae991cbe6ae50e3
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
21f852aad35b6931f67d623de312594a235b6b75ad298a1e815361251a727e93
22012240a6b9a0cf6429cd0289bd87faa5375f254c8c996194009c84645fcb19
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2392bb69de9eb1e9efad1da54204d43b70c52e5b6004b053d1e645fac906ac3f
23b63e226e992693f10ce47196a6ff443239759f7e5faa4f19f412b29c437b84
23f362cbc36d77f9c0e1868da9ed800715b606b3ea98ac190499c734cca1621b
25caf4708898cc333703a0fb8d35cb2ac16f246492afc28d17d8247295982457
2774f69aa8a78fba1065c25d3678edab6761571c71beaf8e0527b4c7135b599e
289df2775d53f3b10b6a7dd17ffcfbbabb32c760814af44efec3a63bce9eb414
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0087bb6ba3158917863040bf1d3476ad3ddce4d2bdbce7fd22ecff6b0c1282
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
3218ad45d9670bf8a5f36a67527d40a468acddd10b7b5c68f5d652fbfb547328
327dba6ac35159fac6cb978732f69261976d4d6c50a0e5b9fb4cea53b98e929e
36b4321888e9019100a224541888d3d86f9d313ad1785b9208ea5d378b158e5f
36b7fe9968e00d8d78a39c1c1104fb1212c636c60a56ba5797a76452a1fb1a0b
37288ecb2db8752e8064471c31f88d4913a0cc903569daa4b90213d80f592521
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3915512868e8ea2385fe119164abe020135f1892cacbf390bea82200db3e7f37
3a5a0f005e5643006a40b3f7910a5cca1dd44c02bb99edf781f48162018240e1
3bcedc91867ef9556387ba82898a650e02a05d2a1af99470de2de5f276b57889
3bdc8c9f7d2147bb29f50034767d0ac8fb502f64e6bba2e4c211274210acd9cd
3c4d549a5a6789b5bff7069f76dbca11f9f6b91042bd9fb4ac9de7ef2b5a4308
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
48f51f637283068eeebbdd97d8457af301fbb1f051bbb5fad6ec0d988aaa9e08
4af79806cc8f87c56d876522d96eee1a5a3e717e130860f800c142fea37719e6
4b39755fca27608f5c4a5e94c27c3aca27fd01e2c3d1c7892fd7e10894ecfef7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f8f7a0ef057bca814af78355732549cceafc8ac1436cbd15769bfd1fbe70e8c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5282bf4b356e8e0cdd5b79b770f43d8c6ec0b891b30f958b50d511dfac917bd9
5417c4754ca14638867d4801117d800020e04bae3b9a5d689b643b5f33255011
54ac80f01c18c9d7870b31d284bf313106c739f5158a153d9a7c790d297bf63f
5543c0b4c7762e95f78cd2a8c967906d7cfdc1244e056c894f414128ba0de574
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56943f906adb9ce499f5b083801e3502cf69b3f0ecfbc2401ba3299d265c795b
57497199f9b1d717565cff26dd8727c37937159984fc901b27c6202efaaf65a1
57a2a4e0192326d3a2824c6117673a4bb5fc9f241e58562bef65306705ff62e1
57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299
5820fcacd56ab0c6f84f8c8e32fcf88f23f2bf5f2b92b309353c3913aff360ee
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8db5c51c25883440a1767306a8ae4fc718431827ac787b5f312199e03ab703
5cf6a9c2946f97affab4a58cab0210a3d457f848c117d8d6489cc0d06a725b58
5e41f7c73e799b66a683829c36b786330e6093ab737c117dba9b6eac477b3fee
5f2decc3ffee192eb38fc776f048c75e1d64b7c2d277437179fc86a0a878b422
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e2a842272975f5820a413d4d2fbe6c56a42f42de5cd96c1de0550b02c8b21c
64d5a23ca6a679db3981b4683fbfa2ad9630312943ec6f059b42a4984063b608
650e833e3c58ad49fb494b4ca78c027b2583ee837528c188aeff1c54c9b5a65a
664f0fbaeda8912b26592fca43a9c0170776af815af58503630bcef13950abda
681d6824d4f58b09e6582a46dd662cde18eb13e843cd650553bea635b6ee94d4
68bc01f479482039aa2775b9b582aefebf616c2a3aad5265f68402907ce53245
69adc3521490ab84dd5cbb453be79fcacb2af9215d1321958f10d78ef4830fec
6c80825a3f01e39d634394e2e76a6d9a03fae3af9d11b0b2282ccfacede9a872
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
756fe85c6f30abfd6bbf5a5558bf66936781c86fd61bb6bfce3dfe622256daf0
77144b1e128cf1a6d5aa50e822e22d761296f0e397b8dc7fb78d9c4f0f4de82f
7824bdd0ec871d0ef26483099b1726eb3c0c733cc79683780a786dabca7fd3b2
790b4d65c99242a17064cab9308d2a1bc77bb89133f467e19117eaee8f9ddc04
7c034af9e40c3e319dc5d3b4a5f286064c1a45f5e32adf96172a4da27ec71663
8046707bc8dfcf25a430bf3d908b55be911da5082168956cfb2238bc7b3f6c23
80c5c1b00b2a46a222cb265a4ab7f72c8a7eaa90340f47b83ce140c33acddeea
8147364b61e561dd883dc4960fa6a6492aa64e8473b6448c548f5f2b5649ba05
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
866d69ed9ab89aa39d47bda16f2642df5b8cd85bff05286a0dfad18d60893b50
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
8908f3614fe3591079ac74b1ae301526a988260d443e5e3320584357dd6b41fc
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a99052e11a7407510294140ce2aeff15344fa7ff4d1101bab22f0ae02a593f5
8d502c00d7f975639a6650d05f93263824cf70807dd4739af238414fb168cec6
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
922a6318eb3fdd36bed74de0c7dbd937cd39ebeadf309dd5e52eb58e2671abb5
932413d92c4e75883ecd64c99b9d7595dbd355c391a1da81dadecf14f8c9d2a0
93f36dc406d32e61aeba986c91e1151e0922e7516971854e14e7aefe007b2236
962b4b8105e0dd777ea211212c4831d905e375d4f90ed105742704ccfd4df89f
9a394fd458f741993a8a4e797f6772c5928b4d88b59959e12e706f80ac1a5208
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9e5e6e88ff0640998ccd2237c5f38cf2f4895363dbde40163ed8b7e110732dde
9fd4c4a5a221267eddd17014c464be23edbce8220488b20049d9980111381fa3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
a2f4bf8ded6d34edea50fa8ef61fb0c6828161174550ec6effab6a4ac410e31e
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51a8592a99bf5f98fd7ce183f936e8be0bb6913396f617ccd2fbc202580d571
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cc25d5675f011e24119f0ce77be31d263f7e7147b753d9ced3f8ceb0feef21
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a997f2bc6e2f83bd83498477cb5da2465032589e9b26c122cea168b4f110a807
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acf6d1cc9444559574ff4a20b692cd3870bfb1ed3bd7983cdd807f90da06a618
ad10876fa6c206343957fa046e8a5394d15365f79bb2beea08989e4f11c7c5b7
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
ae82b60130953841c9dcb8194c473a203ae3e46ff2cfcfd6c3dbcde33124654c
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b38771c470632752d8e4a32287a0c31020e0256448f71b390b47e0767b0ddb40
c004241fea74366820f9f01c8667d8e22e7c15952c2a05acbade2d7537debb1d
c34d57a38efd1887eb56ad60de0cd26756d98399e39a5e03fc237ff4c0011f26
c416246777531463a86c6aa5e60b77ea850ab647980f78920929c2b3f3378467
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c4673a3971c636e3e956e8d78fbf2bd72d01cf82b3fbb7a4debb7b2398eaf74d
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c851c624da29d5cedabf42ea7861d5382498efe059a337a6d8fe2876e436bd66
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cad2d4899cea0cbd878832fff3ba8dc2407f4909533c532c340d52386c9a487e
cba6644ee504779a7dfe750b7ad7fa382e6ccf1fde881f4f39507edda4052706
ce5e803cb3d08f87ed79c2ad255198e9f2cbec243d8a99464649104aaf0a960d
cf62824066ef9539251d7fac30277154d1edae7eddfc6b2cd57acebda138e896
d31872073e36d062fab678c1339ca6f5de3c14f4d4fffc2ffd7213a3ffa3f1be
de2b3829ea0f1157ec520a9a81805ecd27bf940789a902ae164ad1f16606f892
e276f506381e356144db52f1e3b18e0bb2d653b23533ec24ad153015bdd76ca5
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cd53f5c355c820d821ca39cffaeb101ed8d821a50deb0ee641a50afe5f354d
e68cbeb150fd7a642af63fe2f325df4865b9f450e8b29327bdb2a447069af859
e6f4a748958a16bd77976b3e9d7211c7f7a46adaf0b2437102704504231cf330
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e7a47b9e0d8ea909a3d6e95f081c5b661b67340cec140af56f1e3a72435098b6
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ee2a35af0759720f5a796850568638c1f42cf615c6692203c1c3fd62a8705a3c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f6441798447ba251e1090a35dcee01ee8b3e9446325a4c058fabda6090a90a16
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
f93e9e43b188d414f82e3cef8ae158253b31a9d6859c14715703bb31658903e5
fc532b862f1293ba8828145d9590d8cd8728976cb26f6ada4e33ad71adf649b6
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

id.tellows.net Open in urlscan Pro 2606:4700:3037::6815:597d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

301 Requests

90 %HTTPS

53 %IPv6

27 Domains

44 Subdomains

40 IPs

6 Countries

3203 kBTransfer

7044 kBSize

27 Cookies

58 Outgoing links

Page URL History

Redirected requests

301 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

id.tellows.net Open in urlscan Pro
2606:4700:3037::6815:597d Public Scan

Screenshot
Live screenshot

Full Image

301
Requests

90 %
HTTPS

53 %
IPv6

27
Domains

44
Subdomains

40
IPs

6
Countries

3203 kB
Transfer

7044 kB
Size

27
Cookies

301 HTTP transactions
13 data transactions