dayviews.com Open in urlscan Pro
172.104.155.73 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dayviews.com/nflow2/
Submission: On June 07 via manual (June 7th 2023, 1:28:35 pm UTC) from IN — Scanned from DE

Summary HTTP 138 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 23 domains to perform 138 HTTP transactions. The main IP is 172.104.155.73, located in Frankfurt am Main, Germany and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is dayviews.com.

This is the only time dayviews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	172.104.155.73 172.104.155.73	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	2a00:1450:400... 2a00:1450:4007:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:81a::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	18.161.97.41 18.161.97.41	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
15	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:806::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4007:813::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4007:80d::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4007:81a::2001	15169 (GOOGLE) (GOOGLE)
4	23.192.95.113 23.192.95.113	16625 (AKAMAI-AS) (AKAMAI-AS)
6	18.197.26.132 18.197.26.132	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2490:d200:1b:7f5c:2c80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2	52.211.7.73 52.211.7.73	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 6	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
4	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	142.250.75.226 142.250.75.226	() ()
2 4	69.173.144.165 69.173.144.165	() ()
4 4	69.173.144.139 69.173.144.139	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3601:3dfe:b416:be63:4860	() ()
2 3	67.220.226.232 67.220.226.232	() ()
1	15.197.193.217 15.197.193.217	() ()
138	37

25 172.104.155.73 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1671-73.members.linode.com

dayviews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dayviews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn07.dayviews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:81a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.97.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-97-41.mrs52.r.cloudfront.net

m.burt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4007:813::2001 (Ireland)

ASN15169 (GOOGLE, US)

8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4007:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4007:81a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.192.95.113 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-95-113.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.197.26.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-26-132.eu-central-1.compute.amazonaws.com

lwadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2490:d200:1b:7f5c:2c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.lwadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.7.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-7-73.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::d (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.75.226 (None, ) 2 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (None, ) 2 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:3dfe:b416:be63:4860 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.226.232 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	dayviews.com dayviews.com www.dayviews.com cdn07.dayviews.com	776 KB
22	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 121 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 cm.g.doubleclick.net	462 KB
20	rubiconproject.com 6 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2601 smarttag.rubiconproject.com — Cisco Umbrella Rank: 14956 fastlane.rubiconproject.com — Cisco Umbrella Rank: 526 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1112 eus.rubiconproject.com — Cisco Umbrella Rank: 627 pixel.rubiconproject.com token.rubiconproject.com	44 KB
18	googlesyndication.com 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com — Cisco Umbrella Rank: 154	76 KB
8	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 acdn.adnxs.com — Cisco Umbrella Rank: 600	40 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2161	15 KB
8	adform.net adx.adform.net — Cisco Umbrella Rank: 4174	2 KB
8	lwadm.com lwadm.com — Cisco Umbrella Rank: 97253 content.lwadm.com — Cisco Umbrella Rank: 270761	297 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	242 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3 apis.google.com — Cisco Umbrella Rank: 171 adservice.google.com — Cisco Umbrella Rank: 106	77 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 562	111 KB
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 1518	49 KB
3	amazon-adsystem.com s.amazon-adsystem.com Failed aax-eu.amazon-adsystem.com	2 KB
2	360yield.com ad.360yield.com — Cisco Umbrella Rank: 670	539 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	89 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	211 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
1	adsrvr.org match.adsrvr.org	265 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	620 B
1	linkedin.com px.ads.linkedin.com	649 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 7760	531 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102
1	burt.io m.burt.io	35 KB
138	23

	Domain	Requested by
23	cdn07.dayviews.com	dayviews.com www.dayviews.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com lwadm.com
8	adx.adform.net	content.lwadm.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
6	ib.adnxs.com	2 redirects content.lwadm.com acdn.adnxs.com
6	lwadm.com	8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com lwadm.com content.lwadm.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	dayviews.com 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	cm.g.doubleclick.net	2 redirects
4	eus.rubiconproject.com	content.lwadm.com eus.rubiconproject.com
4	gum.criteo.com	2 redirects static.criteo.net
4	static.criteo.net	content.lwadm.com static.criteo.net
4	script.4dex.io	content.lwadm.com script.4dex.io
3	aax-eu.amazon-adsystem.com	2 redirects
3	stats.g.doubleclick.net	dayviews.com
2	acdn.adnxs.com	content.lwadm.com
2	mug.criteo.com
2	secure-assets.rubiconproject.com	8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com smarttag.rubiconproject.com
2	bidder.criteo.com	content.lwadm.com
2	ad.360yield.com	content.lwadm.com
2	fastlane.rubiconproject.com	content.lwadm.com
2	smarttag.rubiconproject.com	ads.rubiconproject.com
2	content.lwadm.com	lwadm.com
2	ads.rubiconproject.com	8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
2	connect.facebook.net	dayviews.com connect.facebook.net
2	apis.google.com	dayviews.com apis.google.com
2	www.google.com	dayviews.com tpc.googlesyndication.com
2	fonts.googleapis.com	dayviews.com
1	match.adsrvr.org
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	www.google.com
1	m.burt.io	dayviews.com
1	www.dayviews.com	dayviews.com
1	dayviews.com
0	s.amazon-adsystem.com Failed
138	43

This site contains links to these domains. Also see Links.

Domain
nflowtech.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-17` - `2023-06-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
lwadm.com Amazon RSA 2048 M02	`2023-02-09` - `2024-01-14`	a year	crt.sh
*.lwadm.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-14`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://dayviews.com/nflow2/
Frame ID: E94B3352ED9654CD412C27FAE4DC7521
Requests: 48 HTTP requests in this frame

Frame: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0AE7EB285EB66A3C1BB35A297C1DEC42
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20A7E2C748AEA4D2D65B74B5B557289B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 67F1D0FA8AC081F3B461FD7EB07C8AE1
Requests: 2 HTTP requests in this frame

Frame: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 08C19254109F4596D7A020CFF4104280
Requests: 10 HTTP requests in this frame

Frame: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 63BE4E2E92EC3D10123FF075D7BB5F59
Requests: 9 HTTP requests in this frame

Frame: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 375020C4260B0F6567E9052A33D9A925
Requests: 23 HTTP requests in this frame

Frame: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F47190123B27F53CAF2E3BD2B05F21B7
Requests: 22 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dayviews.com
Frame ID: 6A3EEFACC874A47C4B8B08008214E498
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dayviews.com
Frame ID: 937AF297C553173AE80D2C0E9083FBD5
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 87B83B8D2376C62A8C58063109E9C8D9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7EB0AFDCB5053D9EC6FD71D224BD31F2
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 53ACD3F39B1AECB22AFA57DE5F02425D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 42A27085A3FBE56D72333384993ADC69
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dayviews - A place for your photos. A place for your memories.

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

138
Requests

68 %
HTTPS

61 %
IPv6

23
Domains

43
Subdomains

37
IPs

8
Countries

2525 kB
Transfer

6321 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://nflowtech.com/insights/category/ecommerce/
Title: https://nflowtech.com/insights/category/ecommerce/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

http://stats.g.doubleclick.net/dc.js HTTP 307
https://stats.g.doubleclick.net/dc.js

Request Chain 30

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 36

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=846101152&utmhn=dayviews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayviews%20-%20A%20place%20for%20your%20photos.%20A%20place%20for%20your%20memories.&utmhid=1349549159&utmr=-&utmp=%2Fnflow2%2F&utmht=1686144510054&utmac=UA-2094001-2&utmcc=__utma%3D47736882.418166813.1686144510.1686144510.1686144510.1%3B%2B__utmz%3D47736882.1686144510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=838954984&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=846101152&utmhn=dayviews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayviews%20-%20A%20place%20for%20your%20photos.%20A%20place%20for%20your%20memories.&utmhid=1349549159&utmr=-&utmp=%2Fnflow2%2F&utmht=1686144510054&utmac=UA-2094001-2&utmcc=__utma%3D47736882.418166813.1686144510.1686144510.1686144510.1%3B%2B__utmz%3D47736882.1686144510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=838954984&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 37

http://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1704747467&utmhn=dayviews.com&utme=8(Section)9(User)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayviews%20-%20A%20place%20for%20your%20photos.%20A%20place%20for%20your%20memories.&utmhid=1349549159&utmr=-&utmp=%2Fej-inloggad%2Fmain.html&utmht=1686144510058&utmac=UA-2094001-2&utmcc=__utma%3D47736882.418166813.1686144510.1686144510.1686144510.1%3B%2B__utmz%3D47736882.1686144510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qQCAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1704747467&utmhn=dayviews.com&utme=8(Section)9(User)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayviews%20-%20A%20place%20for%20your%20photos.%20A%20place%20for%20your%20memories.&utmhid=1349549159&utmr=-&utmp=%2Fej-inloggad%2Fmain.html&utmht=1686144510058&utmac=UA-2094001-2&utmcc=__utma%3D47736882.418166813.1686144510.1686144510.1686144510.1%3B%2B__utmz%3D47736882.1686144510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qQCAAAAAAAAAAAAAAAAAAAAE~

Request Chain 119

https://gum.criteo.com/sid/json?origin=publishertag&domain=8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=dayviews.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=UOIgfXw5SDlYQUxJeXd0SG4yT3pUcDllSzZzd3puS0ZnVzJiZi9YNVJOYis1TFl5Um13bHJRYnB3SklTa2tWbEdJYVFqS1FLR1VnS1FRV21rY2xNM0hCMXF2UzBHSDVpVUV4TXVyOS8xV2VUN1h1V3FBTmhreEJWNWhITC9sMGUzOWhqZUNQdFZNNS94Zm1UZVFiVTZvWWxkS0hqY2pVNnF5WFdtZU1JUWcwN0Ird0cvVDFLcXAxbVNrN0JNTHVTN3NNQnpkbytNZkhMUldCSDBjeVBYZG91QnFzYlZwYVJ5Z2VMRVZ5eUY3WjEyUFJVZ1hzckV6d1ZPL1hqTEdPVW1hOXRDUkk1Wjc2VHB4MVpTRUl3a0h2cG1tQUtIaGJJWE5QaDRtM1NCcFpWTjhWV3JIeXhPRUZCWmJ5N3BLVk1heU1VZDN4U1d2Z094MFJYTVhxOWN3MzNoREZTVFhONzFyZW1ud3hYalA1aVIyMGM9fA&cppv=2

Request Chain 121

https://gum.criteo.com/sid/json?origin=publishertag&domain=8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=dayviews.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=oMAQ5nxGdmQvU2FPRVVxWE9mUzQyTFdua0RSTWdxZVl4anpncGJVcndpVmkwdFF2OTJKOGFIZzIyNUZSY0tnNllERG1HaEJ3UDdMT0Nhck90R29nZnp4MmJ6YWM4Nm1vd2h5VXRXQ1dDYm1yT2dWOHRPNnhoQmtkdDRRS293RUlYWU5sSUI1d3JwdWR2R0VoV3hXR1hjdFV1S3dycEViYWs5RXFKdnFQcTA2TCs1YXdBNlVaMWV5WVVGM2R4QS9oT1NaUEgzanM1YW5CZzFsTXgxemkrQ1hHZDIzR1NYUS9qNlpKdEFOYjY1VE9FL0xXQmZBK3Bhd295eTZlRzJVVlRkM0c3S1NCRjhuZmxHK2MzWVJraFBUWXRRTThxdWttTnhCcVMzbFo4YXRTOTlLc0JCTDMxZUJXMFJTczh4WXdEcFNhYWk2WFJSSXRhQ0VES2F5YXgzU1BJK1hXcVpOU1pTbkFxQ051TncwVFg4WUU9fA&cppv=2

Request Chain 130

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 131

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELeq0HBV-WPI8hGetEKG-2w&google_cver=1

Request Chain 135

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LILQWNB3-B-183R

Request Chain 136

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/HgGSj4awsKYFJbx7AkdsDg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DKRnIk9E2oI8cBMm7XWmqSbsxR3w5Dtj6i.qng--~A

Request Chain 137

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElMUVdOQjMtQi0xODNS HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBzub4P1F9CZg7rQ15AE_y0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElMUVdOQjMtQi0xODNS&google_push=

Request Chain 138

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tBYJHi07QwOKxMKsZXcMeQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tBYJHi07QwOKxMKsZXcMeQ

Request Chain 139

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ1NjAzN2M4M2NiOGQ4ZjY2ZWY1ZDNiMDY3ZWRmZGUzZTNlYzQ5NA

138 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dayviews.com/nflow2/ 74 KB
21 KB 58ms
33ms Document
text/html 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 4532aab3a4a4488a1736de8549da7a51e947792a9e298b50e0eb4113d94e6e07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Jun 2023 13:28:29 GMT
Expires: Wed, 07 Jun 2023 13:28:28 GMT
Pragma: no-cache,no-cache
Server: nginx/1.13.10
Transfer-Encoding: chunked

GET
H/1.1 200
OK css
fonts.googleapis.com/ 9 KB
1 KB 51ms
28ms Stylesheet
text/css 2a00:1450:4007:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700

Requested by

Host: dayviews.com
URL: http://dayviews.com/nflow2/

Protocol

HTTP/1.1

Server

2a00:1450:4007:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5edd9c5a2d1a13f43b9020471b73f39cabee9f1c0caeb7431bc3e9a90d5177d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Wed, 07 Jun 2023 13:28:29 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 07 Jun 2023 13:28:29 GMT

GET
H/1.1 200
OK dv_css_min.php
www.dayviews.com/cdn/rev-31990/ 243 KB
243 KB 38ms
13ms Stylesheet
text/css 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.dayviews.com/cdn/rev-31990/dv_css_min.php
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: d8d9ddad07ff259f8a0cbf4ed2608f8128687e21c9ba6766a337028b848b65a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 07 Jun 2023 13:28:29 GMT
Server: nginx/1.13.10
ETag: "2198386953"
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
Expires: Wed, 07 Jun 2023 13:28:28 GMT

GET
H/1.1 200
OK site_external.js Show response
cdn07.dayviews.com/cdn/dist/ 344 KB
344 KB 30ms
6ms Script
application/javascript 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn07.dayviews.com/cdn/dist/site_external.js?d27c99f45c0f8df75658e66333b30c26
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 8301d9275494e40345f022c91681788834e29726cc9703dc2f2c789ec3ed050f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:32 GMT
Server: nginx/1.13.10
ETag: "5a4420ac-55f00"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 352000
X-Proxy-Cache: HIT

GET
H/1.1 200
OK site.js Show response
cdn07.dayviews.com/cdn/dist/ 78 KB
78 KB 30ms
6ms Script
application/javascript 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn07.dayviews.com/cdn/dist/site.js?28a829274ae251b4b87611d18867551d
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 9c1f5b93fddff9878bed18ea2f5b74ca91f9e1582076e32a33ad487215d6d224

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:32 GMT
Server: nginx/1.13.10
ETag: "5a4420ac-13798"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79768
X-Proxy-Cache: HIT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 7 KB
1 KB 51ms
29ms Stylesheet
text/css 2a00:1450:4007:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Raleway:500,400,300,200

Requested by

Host: dayviews.com
URL: http://dayviews.com/nflow2/

Protocol

HTTP/1.1

Server

2a00:1450:4007:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c23438842881201a3956e1677cbdd5b4c9eafa9b5eead3eb6e2281cb49d4785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Wed, 07 Jun 2023 13:28:29 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 07 Jun 2023 13:28:29 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 76ms
27ms Script
text/javascript 2a00:1450:4007:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: dayviews.com
URL: http://dayviews.com/nflow2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e5488b0b92b5f015dfd5cf5a95c6b6881015da1d26d1caf76a6bf2dd41347de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Wed, 07 Jun 2023 13:28:29 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 75 KB
25 KB 121ms
94ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: dayviews.com
URL: http://dayviews.com/nflow2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4ed467a78a7f1006f8d8415c244d53cf8c4b52332c8ea5344bd738311a80f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25167
x-xss-protection: 0
server: cafe
etag: 108 / 19515 / 31075092 / config-hash: 477340865933111811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:28:30 GMT

GET
H/1.1 200
OK dayviews-com.js Show response
m.burt.io/d/ 112 KB
35 KB 92ms
27ms Script
application/javascript 18.161.97.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://m.burt.io/d/dayviews-com.js
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 18.161.97.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-97-41.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d651c8cd261190173835a410e40e856e7eee6d7c6157c525a4b161b2ef62640

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 22:34:47 GMT
Content-Encoding: gzip
Via: 1.1 feb24448bf4558d4eaf8be9cf460ac86.cloudfront.net (CloudFront)
Last-Modified: Wed, 26 Oct 2016 11:51:45 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MRS52-P3
Age: 53623
ETag: W/"567e844d8122a66a3ebe71226d91bf2a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: SaHvLDqIm9jEpD0EouRA5ssx-V8njdElOweVyHQxCAFoST5qD28ikQ==

GET
H/1.1 200
OK logo_small.png
cdn07.dayviews.com/cdn/img/ 3 KB
3 KB 7ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/logo_small.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 2b379518135e6f8581156616b09065c245e408ee8e393cff6ddc2786f32ab1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-b3b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
X-Proxy-Cache: HIT

GET
H/1.1 200
OK whatisthis_icon_neg.png
cdn07.dayviews.com/cdn/img/ 1 KB
1 KB 7ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/whatisthis_icon_neg.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 4f1b228f2b0df2d51a863e016dff852c9570bce6ba020712c6e4ca2bbab211ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-414"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1044
X-Proxy-Cache: HIT

GET
H/1.1 200
OK fb.png
cdn07.dayviews.com/cdn/img/ 671 B
930 B 13ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/fb.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 2b3ffd337ea7a86cb1c69b7c252d07743749e071cbdfea496c1f9a737e61e847

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-29f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 671
X-Proxy-Cache: HIT

GET
H/1.1 200
OK logo_print.png
cdn07.dayviews.com/cdn/img/ 19 KB
19 KB 13ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/logo_print.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: cc123ef11ddccd999dc109c07cc578bfa163bab97931ac3b99595518d42991ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-4bf0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19440
X-Proxy-Cache: HIT

GET
H/1.1 200
OK default_avatar_mega_M.png
cdn07.dayviews.com/cdn/img/ 4 KB
4 KB 13ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/default_avatar_mega_M.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 36b9022a35027283546e42fa64945400699e536d206e11cc4efb1116211a586c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-e67"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3687
X-Proxy-Cache: HIT

GET
H/1.1 200
OK dropdownpil.png
cdn07.dayviews.com/cdn/img/ 1 KB
1 KB 13ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/dropdownpil.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 92dd9a70cff3f638294fdbecdba1200d8e2baa6785f3b6f141842fa9586da10b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-415"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1045
X-Proxy-Cache: HIT

GET
H/1.1 200
OK spacer.gif
cdn07.dayviews.com/cdn/img/ 43 B
300 B 6ms
6ms Image
image/gif 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/spacer.gif
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Proxy-Cache: HIT

GET
H/1.1 200
OK up_controll.png
cdn07.dayviews.com/cdn/img/v4/ 435 B
694 B 6ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/v4/up_controll.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 82cc01fd8946204b20bdaa8566202d5b295a5bbf3a1feb6d57c780ab120c42a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-1b3"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 435
X-Proxy-Cache: HIT

GET
H/1.1 200
OK down_controll.png
cdn07.dayviews.com/cdn/img/v4/ 468 B
727 B 7ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/v4/down_controll.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 4a8db43ea56ce6ed88e30b4b8e7c92070de516db5cfa65fcb38ab7b66674ea48

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-1d4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 468
X-Proxy-Cache: HIT

GET
H/1.1 200
OK exempelbild_theark.jpg
cdn07.dayviews.com/cdn/img/v4/ 17 KB
17 KB 7ms
7ms Image
image/jpeg 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/v4/exempelbild_theark.jpg
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 5ff8aef79a496e1ca41c61cb89937c10fa22f13f21161969eb01ac151d9c909e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-43ad"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17325
X-Proxy-Cache: HIT

GET
H/1.1 200
OK exempelbild_student.jpg
cdn07.dayviews.com/cdn/img/v4/ 18 KB
19 KB 7ms
6ms Image
image/jpeg 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/v4/exempelbild_student.jpg
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: b4dc366ef619b0808f4fdf737b6e8858abca8a338f43fd67aed750c551fb4f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-49c3"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18883
X-Proxy-Cache: HIT

GET
H/1.1 200
OK ikon_profilbild.png
cdn07.dayviews.com/cdn/img/v4/ 1 KB
2 KB 7ms
7ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/v4/ikon_profilbild.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 61b397e19761891fb95d246c32e7199e39a23c36364cc784be43ef28af79892b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-54a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1354
X-Proxy-Cache: HIT

GET
H/1.1 200
OK ikon_textedit.png
cdn07.dayviews.com/cdn/img/v4/ 1 KB
2 KB 7ms
7ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/v4/ikon_textedit.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: c7b401b311be23e63942f24b79b85f4510c5c7b58bbbaf806c97119229427deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-56c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1388
X-Proxy-Cache: HIT

GET
H/1.1 200
OK pil_up_sandbox.png
cdn07.dayviews.com/cdn/img/ 1002 B
1 KB 6ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/pil_up_sandbox.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 5c46e555ee1f6d5909957d88d2416a2620eb44d69f19f08f80bacb00ba0d7906

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-3ea"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1002
X-Proxy-Cache: HIT

GET
H/1.1 200
OK pil_down_sandbox.png
cdn07.dayviews.com/cdn/img/v4/ 1001 B
1 KB 7ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/v4/pil_down_sandbox.png
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 0b48c2e14311fbe0850b18c0e066158fd7cac62e1607c9780de966175ac79761

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-3e9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1001
X-Proxy-Cache: HIT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 57 KB
22 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: dayviews.com
URL: http://dayviews.com/nflow2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a2b79cfd1d087c2ec8511e86d4bd5ab19b2f706ab47e757212583c881276547

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 13:28:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22284
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f35377f051b05013"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:28:29 GMT

GET
H/1.1 200
OK dv_css_print.php
cdn07.dayviews.com/cdn/ 491 B
758 B 7ms
6ms Stylesheet
text/css 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn07.dayviews.com/cdn/dv_css_print.php
Requested by: Host: dayviews.com
URL: http://dayviews.com/nflow2/
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: f3b01e6c0f70ca9d0bfad1fbbfafd056980f01f60721791a76c802dbf7a71f78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: Wed, 07 Jun 2023 13:28:28 GMT
Date: Wed, 07 Jun 2023 13:28:29 GMT
Server: nginx/1.13.10
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
X-Proxy-Cache: MISS

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ 410 KB
164 KB 90ms
26ms Script
text/javascript 2a00:1450:4007:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dayviews.com/
Origin: http://dayviews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 07:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 07:54:26 GMT

GET
H2

200

dc.js Show response
stats.g.doubleclick.net/
Redirect Chain

http://stats.g.doubleclick.net/dc.js
https://stats.g.doubleclick.net/dc.js

45 KB
17 KB

76ms
19ms

Script
text/javascript

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: dayviews.com
URL: http://dayviews.com/nflow2/

Protocol

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 11:49:42 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5928
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Wed, 07 Jun 2023 13:49:42 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK divider.png
cdn07.dayviews.com/cdn/img/ 948 B
1 KB 6ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/divider.png
Requested by: Host: www.dayviews.com
URL: http://www.dayviews.com/cdn/rev-31990/dv_css_min.php
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 836f4484bede336d16f9470f2bb6c434e8c0582b7d5e104d23e14e6d3ef0cd6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-3b4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
X-Proxy-Cache: HIT

GET
H/1.1 200
OK 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway:500,400,300,200

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://dayviews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 17:07:48 GMT
X-Content-Type-Options: nosniff
Age: 332441
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 46524
X-XSS-Protection: 0
Last-Modified: Mon, 18 Jul 2022 19:58:01 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 02 Jun 2024 17:07:48 GMT

GET
H/1.1 200
OK goto_arrow_sprite.png
cdn07.dayviews.com/cdn/img/ 1 KB
2 KB 8ms
8ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/goto_arrow_sprite.png
Requested by: Host: www.dayviews.com
URL: http://www.dayviews.com/cdn/rev-31990/dv_css_min.php
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: b89dbd9f8b552f5b2c28ef7193f05b31da789e7863c399d419c025a94842cd8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-550"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1360
X-Proxy-Cache: HIT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
3 KB

40ms
7ms

Script
application/x-javascript

2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: dayviews.com
URL: http://dayviews.com/nflow2/

Protocol

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b2c37ce11382f202e52157a28ad2f750c8005bf302aba23a58db171fecf99ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 13:28:30 GMT
content-md5: jNx28vwexeRuoM8TK3T9Sg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: /45VNWGYw3Gw+xXqanrQ/uqJGyQuc9LjJdtzA48Khh7VtGSodgS1DtdFFb6gBk7XW3A7y1+5G7TS4xKHEju52w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 7d9000e2ce75a70b49ec35b1b6d77550
cross-origin-opener-policy: same-origin-allow-popups
etag: "611223f7cfd34a90eba2491b48dd461b"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:41:06 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK search.png
cdn07.dayviews.com/cdn/img/ 1 KB
1 KB 6ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/search.png
Requested by: Host: www.dayviews.com
URL: http://www.dayviews.com/cdn/rev-31990/dv_css_min.php
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: b5721768997131767976fd48ceccb763070ddb558b40a36b56345faecf4a7cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-4d6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1238
X-Proxy-Cache: HIT

GET
H/1.1 200
OK gradient.php
cdn07.dayviews.com/cdn/ 820 B
1 KB 9ms
9ms Image
image/jpeg 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/gradient.php?direction=vertical&length=50&starthex=86D785&endhex=5FC05D&checksum=14d70102
Requested by: Host: www.dayviews.com
URL: http://www.dayviews.com/cdn/rev-31990/dv_css_min.php
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: e602abf0962d06f5a6113c4929e029eb9408e00b52224a046e0afe5cca113971

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: Wed, 07 Jun 2023 13:28:28 GMT
Date: Wed, 07 Jun 2023 13:28:29 GMT
Server: nginx/1.13.10
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: no-cache
Connection: keep-alive
X-Proxy-Cache: MISS

GET
H/1.1 200
OK profile_defaultpic_M.png
cdn07.dayviews.com/cdn/img/v4/ 10 KB
10 KB 6ms
6ms Image
image/png 172.104.155.73
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn07.dayviews.com/cdn/img/v4/profile_defaultpic_M.png
Requested by: Host: www.dayviews.com
URL: http://www.dayviews.com/cdn/rev-31990/dv_css_min.php
Protocol: HTTP/1.1
Server: 172.104.155.73 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1671-73.members.linode.com
Software: nginx/1.13.10 /
Resource Hash: 52add654eab0e293afe697cd9bce921ea02237a2f7076a5a264fcea3c28b1973

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:29 GMT
Last-Modified: Wed, 27 Dec 2017 22:37:33 GMT
Server: nginx/1.13.10
ETag: "5a4420ad-2779"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10105
X-Proxy-Cache: HIT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.WnxEgvkNgAg.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O7Sgrhowig-zfKO-dPnUfkkJkpg/ 151 KB
53 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.WnxEgvkNgAg.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O7Sgrhowig-zfKO-dPnUfkkJkpg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc03816e7ef0c4721e51a5f70a485c8ed2fc7d6c7a26a579310a4959ca3e9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 21:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53472
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 16:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 21:44:12 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 308 KB
86 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=9086defea9d020b6ca364d79f381f797

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87535d60d2d0de90aed14c4aafa0410a9c2b91cce8919c33595a5d80969700bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://dayviews.com/
Origin: http://dayviews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 13:28:30 GMT
content-md5: V9HSDPCrtNI9SpHck3bAPw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88514
x-fb-rlafr: 0
x-fb-debug: 8hgN5Zg6aL9gNjh18JpkvYbvVwLisWic2d4Bbt8aWlOUo8vxqWWXoDs0QaJ/zGdKsnT0NEf2dObqOwpNaOoVDA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d40db14695194c288a531d8a5668cfcb
cross-origin-opener-policy: same-origin-allow-popups
etag: "580034d90bb119a72b7747fd4e67a416"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 06 Jun 2024 12:33:10 GMT

GET
H2

200

__utm.gif
stats.g.doubleclick.net/r/
Redirect Chain

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=846101152&utmhn=dayviews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayviews...
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=846101152&utmhn=dayviews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayview...

35 B
198 B

21ms
21ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=846101152&utmhn=dayviews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayviews%20-%20A%20place%20for%20your%20photos.%20A%20place%20for%20your%20memories.&utmhid=1349549159&utmr=-&utmp=%2Fnflow2%2F&utmht=1686144510054&utmac=UA-2094001-2&utmcc=__utma%3D47736882.418166813.1686144510.1686144510.1686144510.1%3B%2B__utmz%3D47736882.1686144510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=838954984&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: dayviews.com
URL: http://dayviews.com/nflow2/

Protocol

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Jun 2023 13:28:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=846101152&utmhn=dayviews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayviews%20-%20A%20place%20for%20your%20photos.%20A%20place%20for%20your%20memories.&utmhid=1349549159&utmr=-&utmp=%2Fnflow2%2F&utmht=1686144510054&utmac=UA-2094001-2&utmcc=__utma%3D47736882.418166813.1686144510.1686144510.1686144510.1%3B%2B__utmz%3D47736882.1686144510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=838954984&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

__utm.gif
stats.g.doubleclick.net/
Redirect Chain

http://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1704747467&utmhn=dayviews.com&utme=8(Section)9(User)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&...
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1704747467&utmhn=dayviews.com&utme=8(Section)9(User)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0...

35 B
119 B

20ms
20ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1704747467&utmhn=dayviews.com&utme=8(Section)9(User)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayviews%20-%20A%20place%20for%20your%20photos.%20A%20place%20for%20your%20memories.&utmhid=1349549159&utmr=-&utmp=%2Fej-inloggad%2Fmain.html&utmht=1686144510058&utmac=UA-2094001-2&utmcc=__utma%3D47736882.418166813.1686144510.1686144510.1686144510.1%3B%2B__utmz%3D47736882.1686144510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qQCAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: dayviews.com
URL: http://dayviews.com/nflow2/

Protocol

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 10:21:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11235
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1704747467&utmhn=dayviews.com&utme=8(Section)9(User)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dayviews%20-%20A%20place%20for%20your%20photos.%20A%20place%20for%20your%20memories.&utmhid=1349549159&utmr=-&utmp=%2Fej-inloggad%2Fmain.html&utmht=1686144510058&utmac=UA-2094001-2&utmcc=__utma%3D47736882.418166813.1686144510.1686144510.1686144510.1%3B%2B__utmz%3D47736882.1686144510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qQCAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ 406 KB
126 KB 55ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 10:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10025
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128351
x-xss-protection: 0
server: cafe
etag: 10410007902637205610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Jun 2024 10:41:25 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 191 B
659 B 88ms
41ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dayviews.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

becffd0876f38930e93fd744a31c492ee31354d83fac7531436d0a4a2cd837af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:28:30 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 57ms
29ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=322475795277&input_token&origin=1&redirect_uri=http%3A%2F%2Fdayviews.com%2Fnflow2%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9086defea9d020b6ca364d79f381f797

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 07 Jun 2023 13:28:30 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 1WLB/fiefbpt/2y+Vc2CmHgwYzgUCI3SZ6cBb6ePCLhio/yoHE2kqOcv7LWeGH3gAJchsLKmI7vJV02qk0sO7g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dayviews.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 49ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dayviews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 86ms
30ms Script
application/javascript 2a00:1450:4007:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dayviews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 158 KB
18 KB 493ms
492ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3066658063336803&correlator=2617166595214020&eid=31075092%2C31061690&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=21756427176%2Cdayviews.com_toppanorama_980x240%2Cdayviews.com_insider1_300x250%2Cdayviews.com_insider2_300x250%2Cdayviews.com_insider3_300x250%2Cdayviews.com_centerbanner_728x90%2Cdayviews.com_botpanorama_980x240-120&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=980x240%7C980x300%7C728x90%7C980x120%2C300x250%7C300x600%7C160x600%7C250x360%2C300x250%7C300x600%7C160x600%7C250x360%2C300x600%7C250x360%7C160x600%7C300x250%2C468x60%7C728x90%2C980x240%7C980x120%7C728x90%7C980x300&ifi=1&adks=835840644%2C1699121953%2C2307433742%2C937795589%2C3568745605%2C897528061&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1686144510182&lmt=1686144510&dlt=1686144509823&idt=332&adxs=175%2C1125%2C1125%2C1125%2C-9%2C-9&adys=151%2C414%2C426%2C444%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdayviews.com%2Fnflow2%2F&frm=20&vis=1&psz=1250x12%7C300x24%7C300x24%7C300x12%7C0x-1%7C0x-1&msz=1250x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C0x-1&fws=0%2C0%2C0%2C0%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=418166813.1686144510&ga_sid=1686144510&ga_hid=1349549159&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

350b9470577447e7a1b481cd99f3228f5b9b17f0802cfbbac217af6e24f18132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18408
x-xss-protection: 0
google-lineitem-id: 5087461903,5087799593,5112446155,5112446842,5112452782,5112215247
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138272662133,138272643117,138275193020,138275469208,138275176620,138275175714
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dayviews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0AE7 6 KB
3 KB 90ms
27ms Document
text/html 2a00:1450:4007:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dayviews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:28:30 GMT
expires: Thu, 06 Jun 2024 13:28:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 156ms
85ms XHR
application/json 2a00:1450:4007:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a995a57410c6461fe1ff4d95fde8740bc119425be0f14cd924efbaa4657ffbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11294
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 94ms
35ms Script
text/javascript 2a00:1450:4007:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 13:28:30 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 20A7 13 KB
5 KB 28ms
23ms Document
text/html 2a00:1450:4007:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dayviews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 08:19:30 GMT
expires: Thu, 06 Jun 2024 08:19:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 67F1 783 B
920 B 29ms
28ms Document
text/html 2a00:1450:4007:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c3c16a6058836e2a003d73ccb809af72d22fa1ca18b495ae09fe3e17c0aa342f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TY39hj-TmnNmvHZ3XILZYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dayviews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-TY39hj-TmnNmvHZ3XILZYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:28:30 GMT
expires: Wed, 07 Jun 2023 13:28:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 67F1 0
0 104ms
58ms Image
text/html 2a00:1450:4007:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306010101&jk=3066658063336803&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 20A7 37 KB
14 KB 68ms
23ms Script
text/javascript 2a00:1450:4007:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 03:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 467655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 03:34:15 GMT

GET
H2 200 container.html Show response
8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 08C1 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4007:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dayviews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:28:30 GMT
expires: Thu, 06 Jun 2024 13:28:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 63BE 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4007:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dayviews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:28:30 GMT
expires: Thu, 06 Jun 2024 13:28:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3750 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4007:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dayviews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:28:30 GMT
expires: Thu, 06 Jun 2024 13:28:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F471 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4007:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dayviews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:28:30 GMT
expires: Thu, 06 Jun 2024 13:28:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 08C1 24 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4007:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 392231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Jun 2024 00:31:19 GMT

GET
H2 200 19172.js Show response
ads.rubiconproject.com/ad/ Frame 08C1 30 KB
9 KB 142ms
44ms Script
text/javascript 23.192.95.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/19172.js
Requested by: Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.95.113 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-95-113.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1357
access-control-allow-credentials: true
content-length: 8916
expires: Wed, 07 Jun 2023 13:51:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08C1 173 KB
54 KB 2159ms
2158ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:28:32 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 63BE 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4007:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 392231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Jun 2024 00:31:19 GMT

GET
H2 200 19172.js Show response
ads.rubiconproject.com/ad/ Frame 63BE 30 KB
9 KB 171ms
78ms Script
text/javascript 23.192.95.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/19172.js
Requested by: Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.95.113 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-95-113.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1770
access-control-allow-credentials: true
content-length: 8916
expires: Wed, 07 Jun 2023 13:58:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63BE 173 KB
54 KB 2147ms
2147ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:28:32 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3750 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4007:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 392231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Jun 2024 00:31:19 GMT

GET
H2 200 pbjs Show response
lwadm.com/lw/ Frame 3750 55 KB
22 KB 49ms
9ms Script
application/javascript 18.197.26.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/lw/pbjs?pid=7158118b-6090-4592-bc9f-02a981915ece
Requested by: Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.26.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-26-132.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 32238e5ad2997069623b5bcfd8790f86e9a5d02f12210e41deac031a3dd37404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
etag: "|1|F6FBD84F2FEA3E85DFC94B09091A6DD6"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,no-cache
access-control-allow-credentials: true

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3750 173 KB
54 KB 2203ms
2203ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:28:32 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F471 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4007:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 392231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Jun 2024 00:31:19 GMT

GET
H2 200 pbjs Show response
lwadm.com/lw/ Frame F471 55 KB
22 KB 46ms
8ms Script
application/javascript 18.197.26.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/lw/pbjs?pid=7158118b-6090-4592-bc9f-02a981915ece
Requested by: Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.26.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-26-132.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 32238e5ad2997069623b5bcfd8790f86e9a5d02f12210e41deac031a3dd37404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
etag: "|1|F6FBD84F2FEA3E85DFC94B09091A6DD6"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,no-cache
access-control-allow-credentials: true

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F471 173 KB
54 KB 2199ms
2199ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:28:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63BE 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC3H28RAp_3yyf5bNZJyXQ5MnCkZQxQZJXO5xYbP3FfW86Ypu6Rv-0KzBQrPO8i9YEDp9oY4vfU62WE82tJ0Ysi0cx9xvnUnJ8q72SJGv3Mx6iYgDHMKqjg7jtYqgBDJzszHhtrfJ7sa4bd2GgCcOHeA5r33tLqR-ZuyrDe1f3vP8tbrbsdTzBLWSqW1kchAqoxw3LVAvdViQZ-r5MbV9ZaYPNMyCuAIRj5h1HzMu2kYi9Ib2ODLIZ_IorNXlZzwiPhl86zIRY3PsXa638fL20UEpdyZ7rSGY_TQVjYuC6H5MXDVupEvvcq_rLO6eBi9C-SIIbpE7DGebnGxPrdcIWb0A-SJMnEA&sai=AMfl-YSn8ijwbyacu99R60BibqcTjBZDWdbpPWbluRepMWiRB84aW9f1olqeQjqfComvsPUWKjDgkzMUWbQXYvptXWFnlQkvhgabH_PFgFm_8KjuL-1A__CKc2p0meZY81Xala63C_d4UdKCcEcG_SSn&sig=Cg0ArKJSzF0UKBGMm6NjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:28:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08C1 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOC3TrrDFHk3cRuWOcuORITH2uDMmVxGwCbzmefTjNM7fJ1noQf9ROzyQhGePDjXnl4DWuh_9wSaSnJbn-kvsohc1eDY6ztqB57Z_l6vSDokxwXazfjyPc4YnJfWGhMcqGHzbklgz1LNtFojDwrkUibQl_YgY1BYMafCxYduOeCL_GBkkaPbZwwOV8mxUYY6UbjoBtMj1kSDZAOgYaCr7PCI4dvhJj_YJ9xAw8gfnzBT2gFwbLWXRVKT4UtEjFatQxbFv3GLsRxhJLwqMkqEEG65S9uWLpCD5HnEKXDBeHRuFNt8V0_NPYy38ZAgH9nTNnSm2eeB_jC9ZV_mlTdHv5wcJ-42Ut&sai=AMfl-YT35QmNXQYdbyWdx0nxZlgx81m1qfP8bL3-wSBucvliPD8uJ6uTesxmlGIZJW30JGJfDRzMBKGNV41D3uNMdoReTsQC9H17QS0JYixL9RS6gh0ZsXJ8Ctj71qKpyhaKySeiDEB_apkBQhoK6dpn&sig=Cg0ArKJSzOMt0QDxdAG9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:28:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3750 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYVmtiTdCstVSCVDD-lvcPOP3-VHRTMdFrcAHuyvFWRqCtYZIm39Mxq1AL0upe4rF2LaLmQZeOD3Dd-_A_m5FrYoL40C_ifD4vAeEAQl08P2IGxR1A94uMbFJ0oLcrwtqEUtS1-x4v42ZpY6ZCFg2v7TX8wKfByLkI6n_R1Ioc51SgdQZzYa52IzlaEAMbcu4GK5pLrc3kHIsfLUVB-53r7okIboBr6OuzGE7HXjCJd1BKwLamrnz_GkBKVs8bswvRZg5N14dy_jiLrJKkWHdrr6VOPwSqvWnt_8Llx-258If-tt3trsxF7OJfJPjWeBzj_xINEpCbF7DYs4skvBtlFpVw96-75g&sai=AMfl-YQa7z4b83q_L75tNqWlX5fCeqoRO9mRnS-jRI6rbyn13XiVh6iYDVx8ZgaVtwtuFhboHQI2HulkZB5sj0ZtomUhXzA-FxmU2ngasgoq9C6UvJcy3wN1BmzcKgUlP_SJnjTgsGuhZ3NexmoUPk9I&sig=Cg0ArKJSzCmLAV-_A0rJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:28:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F471 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk-rxDntzHHHx3XSWiY7dtw-NI-zq-aiDeo4SZ08KQAwOuABmp_beQetXZGnm_PUWnF2K7O8TMD3liQ3mqeHPF1q3dHYVKi_Syt7Z2KExr1xH6n8uNx5OlbtWPbPgHUVic5LJo7UGnAVMGo6tHE8voKY-8EVFYsng3cgSKilxegBfKUQ4nSHXDryv4dSxTGh-aDSLcLYnlvBCnG1AXYRdjrtZOaqPIFeX1UYQdA4XFJTSoHLuB9ezoW3YZ9oDk0T41bgPMeCHWE3j2JTs8TA7rraYpSqfr9FwbU-PTlr-qna1brcr5IH9ea6sS_Xp3UTqSMQSRYWZ5K-1l7zik0H6gw9uUBA&sai=AMfl-YQirZUiyX_6AYU_5g1Nz-Abnk2a3H5s8YQwNbYWMqh8GYnFDG-uX4JvuA4QTrw1ylAiNi9G-VAx52AJMS3IHBqyFqgn04b5dvDhjltvH6S1j8GKP0wmLzG-3mMupYRMG6OL5cMao3cy9zOrZEdp&sig=Cg0ArKJSzJSPVTE0csX0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:28:30 GMT

GET
H2 200 prebid.js Show response
content.lwadm.com/lw/6.26.0.1/ Frame 3750 489 KB
126 KB 109ms
8ms Script
application/javascript 2600:9000:2490:d200:1b:7f5c:2c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Requested by: Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=7158118b-6090-4592-bc9f-02a981915ece
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:1b:7f5c:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 969ca0db3b72fce997d77363ca87e6048a1865c5e11cf877f00cac97a31ca51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
date: Wed, 07 Jun 2023 01:16:15 GMT
x-amz-cf-pop: FRA56-P6
age: 44400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 05:44:04 GMT
server: AmazonS3
etag: W/"8f0fff29d0b26770bb3c4ff68bb56a93"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=604800, immutable
x-amz-cf-id: 7W_CRGGifFkWdbYmvRVW4dSXnd8-QNrfXRtSVfWWi9wukoNzMdzbug==
expires: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3750 75 KB
25 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=7158118b-6090-4592-bc9f-02a981915ece

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7243e351c451cc9fec69c49e76eae80b989905589e950283f5f73162ef5ab17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25164
x-xss-protection: 0
server: cafe
etag: 59 / 19515 / m202306010101 / config-hash: 477340865933111811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:28:30 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 20A7 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4007:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kM-Pug
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:81a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 prebid.js Show response
content.lwadm.com/lw/6.26.0.1/ Frame F471 489 KB
126 KB 113ms
21ms Script
application/javascript 2600:9000:2490:d200:1b:7f5c:2c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Requested by: Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=7158118b-6090-4592-bc9f-02a981915ece
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:1b:7f5c:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 969ca0db3b72fce997d77363ca87e6048a1865c5e11cf877f00cac97a31ca51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
date: Wed, 07 Jun 2023 01:16:15 GMT
x-amz-cf-pop: FRA56-P6
age: 44400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 05:44:04 GMT
server: AmazonS3
etag: W/"8f0fff29d0b26770bb3c4ff68bb56a93"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=604800, immutable
x-amz-cf-id: M-6wLFUWzs499z4m5ERvcQbnS9GXclhLNUHIkIIP2nuiel0AKuWkyg==
expires: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F471 75 KB
25 KB 166ms
166ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=7158118b-6090-4592-bc9f-02a981915ece

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3854580d0c1289bd59058dc8179a3d0b02921315d417319e64baa10bfcef064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25198
x-xss-protection: 0
server: cafe
etag: 318 / 19515 / 31075140 / config-hash: 477340865933111811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:28:30 GMT

POST
H2 200 pbjs Show response
lwadm.com/ Frame 3750 637 B
671 B 12ms
12ms XHR
application/json 18.197.26.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/pbjs?42078013
Requested by: Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=7158118b-6090-4592-bc9f-02a981915ece
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.26.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-26-132.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee8ae74fd57cd2d037d0a1573516f49156f061a6c0f3ff757c5bd218f74c670

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
lwadm.com/ Frame F471 637 B
672 B 12ms
11ms XHR
application/json 18.197.26.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/pbjs?31655815
Requested by: Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=7158118b-6090-4592-bc9f-02a981915ece
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.26.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-26-132.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8f03e0af619b36b0d068cfe6d5bc284164267a8ede1dd6e449d0647ab947683a

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 07 Jun 2023 13:28:30 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true

GET
H2 200 1093592-79.js Show response
smarttag.rubiconproject.com/a/19172/218454/ Frame 08C1 147 B
469 B 77ms
19ms Script
text/javascript 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/19172/218454/1093592-79.js?&cb=0.22043661598085595&tk_st=1&rf=http%3A//dayviews.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=218454_79&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/19172.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 59efbee489a060c7ca332d76be196b9417c161a19c42a822a84a82293999fbaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:30 GMT
server: nginx/1.21.4
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 147
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ Frame 3750 406 KB
125 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 09:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14962
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128351
x-xss-protection: 0
server: cafe
etag: 10410007902637205610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Jun 2024 09:19:08 GMT

GET
H2 200 1093582-10.js Show response
smarttag.rubiconproject.com/a/19172/218454/ Frame 63BE 147 B
652 B 43ms
17ms Script
text/javascript 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/19172/218454/1093582-10.js?&cb=0.16712058440379174&tk_st=1&rf=http%3A//dayviews.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=218454_10&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/19172.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:30 GMT
server: nginx/1.21.4
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 147
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 3750 483 B
1017 B 47ms
13ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:31 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 86652
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQW1hYW0ZGwyH38paPSyw23sdujDsCLLT2MJvfnGKlsLwJF9sSZRiEtJ6T41nQxBskEr85sUjvV3MsXvmKs8RT%2BNT5i%2BxZ1CNMdSzllQFK2JnMwtTQttq23p%2FpzXks92r2UpfPZiWKuCNM6g"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d393d19ff431e4b-FRA

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 114ms
24ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 07 Jun 2023 13:28:31 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 113ms
24ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 07 Jun 2023 13:28:31 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3750 309 B
458 B 23ms
16ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=218454&zone_id=1093584&size_id=15&alt_size_ids=9%2C10%2C32&eid_pubcid.org=e1027cfa-e172-477e-8685-5688359b8e66%5E1&rf=http%3A%2F%2Fdayviews.com%2F&tk_flint=pbjs_lite_v6.26.0&x_source.tid=77121e9e-d7e8-48d1-aacc-ab7e8c94b0b1&l_pb_bid_id=2f976860d9431a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7064370989115745
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e14ced7be3c3b36b851c05ea1d9bd071da76e64fb2bb8923dcf1c9f1e4f402fb

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:31 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 309
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 pb Show response
ad.360yield.com/ Frame 3750 0
403 B 173ms
75ms XHR
text/plain 52.211.7.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.7.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-7-73.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
date: Wed, 07 Jun 2023 13:28:31 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3750 0
565 B 125ms
76ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3750 0
243 B 89ms
28ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.26.0&cb=18967939083

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
date: Wed, 07 Jun 2023 13:28:30 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3750 0
565 B 126ms
78ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3750 19 B
874 B 29ms
9ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 13:28:31 GMT
AN-X-Request-Uuid: 115723fb-9a77-47e9-a0eb-722a540828c2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.78; 146.70.117.78; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 63BE 156 B
310 B 52ms
24ms Image
image/png 23.192.95.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: 8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
URL: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.95.113 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-95-113.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:31 GMT
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 16:53:58 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 155

GET
H2 200 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 08C1 156 B
310 B 52ms
24ms Image
image/png 23.192.95.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/19172/218454/1093592-79.js?&cb=0.22043661598085595&tk_st=1&rf=http%3A//dayviews.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=218454_79&rp_secure=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.95.113 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-95-113.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:31 GMT
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 16:53:58 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 155

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame F471 483 B
1 KB 29ms
14ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:31 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 86653
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYyNjKizvrWk2lZPQGQIRlfh085FezZZYctJYJ2gRjmIbcU4pkwYUYtQ7IZ7MCctMeBjEeuwV6eyL2pUH%2BCDHxNv%2FJTTFjPO1HDCfu%2BLGLpG%2BM%2FouW6p00H2b%2B%2BsH9wX08DUx3R6PAHubjE6"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d393d19fbbe693d-FRA

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 103ms
25ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 07 Jun 2023 13:28:31 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 102ms
24ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Wed, 07 Jun 2023 13:28:31 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F471 0
565 B 135ms
87ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 pb Show response
ad.360yield.com/ Frame F471 0
136 B 116ms
31ms XHR
text/plain 52.211.7.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.7.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-7-73.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
date: Wed, 07 Jun 2023 13:28:31 GMT
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F471 0
566 B 124ms
76ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F471 309 B
344 B 18ms
18ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=218454&zone_id=1093588&size_id=15&alt_size_ids=9%2C10%2C32&eid_pubcid.org=e1027cfa-e172-477e-8685-5688359b8e66%5E1&rf=http%3A%2F%2Fdayviews.com%2F&tk_flint=pbjs_lite_v6.26.0&x_source.tid=daa1f17d-aa46-4d42-83d1-6f24cc3a882a&l_pb_bid_id=8c103d137d0c9c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33604205792021347
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7e5c7e118a771116767b917897eab0635b251a6b0b762d4c80383064da813826

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:31 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 309
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F471 139 B
995 B 20ms
7ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

62cd687788996aa49578acb5bbdfd93e4c30c8de18507086ba46033aced66fcc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 13:28:31 GMT
AN-X-Request-Uuid: 8e4fe886-d2cf-4547-808e-517200779cbf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.78; 146.70.117.78; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F471 0
242 B 80ms
33ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.26.0&cb=33979210250

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
date: Wed, 07 Jun 2023 13:28:30 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 3750 74 KB
23 KB 114ms
99ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:31 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9G4rZUD2xNhEgZKEXYY6A%2F0QoghSNhP%2FE8XKp9DQqfMAHN8IbC8s%2F4%2BHbUhiiuaub3Vr5OHw44xlGOcjfmfgmGdc2WSUFN7xr3qVGjlzTrqrzjEK9cBovk5JI3ARj2w7xJaXKTIlox26f%2F2"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d393d1a1aaf9055-FRA

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame F471 74 KB
23 KB 142ms
128ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:31 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJ9U6rzVaVHajNqmtqeliY7ZWTEAr5HNTBsM69AfoWdAWqVa5LXeqDJFvrqSpQEOY46E0qX%2F2KjUAiiA0JgVIA8tlbOvlNCJZixmXPAHHNQKiT9GnVvdLuuCBR09JFlT0%2BwBDnELCMBKI8Tr"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d393d1a2d253733-FRA

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ Frame F471 404 KB
124 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 10:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10301
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127303
x-xss-protection: 0
server: cafe
etag: 14748094856067035890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Jun 2024 10:36:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
61ms Image
text/html 2a00:1450:4007:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306010101&jk=3066658063336803&bg=!hYalhtLNAAY9J7QfHSc7ADkAdvg8WufTBq6DToSlOBKFeOoEV2CeOZbgxtOp4HhOYPNiqsCPZfwXFUISB6U4TtArYVP_EFdt0swCAAAAZ1IAAAAIaAEHCgBeZDRFXLg0GPdCktTV4RS91B1gL8fzLqP-oOnH6rDNSOzsM1TMJOP2bNwGu3j4lB2D-GiFTPcQi3qRc9zpWaCduZtte7ZFsLWPPmdW1yncJuDDf0JtNzGn8yJbTSAyE5kC3AlSv8dbFYHpEnL0G-mCo244lew-3qsbWrCrVN51TeQm7fJ03Z7lpkFJ3hQ3NmAOrCl8pz_q4-ginWeKpGj9lD0_MN0UUoeLtvkNBUgYeWrVmlr6cvgn6UxRjDMFFV5b1vU_GPXksWOLA67bIGUnW-JW2b0ZHbmcG8JVYkVgyZz7qWYENHCxiqIb--t2yESWcsb-w3L34doH2ibafWeHoJk8cNElsWeo7YJRCAWEE9VQNqCMY6p29LKUdAKV887Wt8TEjBBCBIM7_8MfRIGPiG86_d_zD2FdqDg-4kyzrXQQzs2Z8oLf_1de-2GtTsGDQMnKJsMijknWAjks1_Gr_1-98NS1tCsflNLsdcpM3ZgOIdEj3TYM0MvSQFE7jo84bZI7Rrm4fgE7H9EvD3G1AKVFtfECCGWfcGvfWQySl16yTm4ojmxrP_F3w2Uu6TAEE0mSEoj_eWfkDaa9vjzrp0-7ZVJa0Z37vG52JGek2mLUAlFNyGLjV06o0FbJzDPM2arzuUdbA0_HAukqCDg1sFps7_4fC55GYavh7svBm7NSfjcxy0rWJ3SPbE0PxCEmNiFXZtG2C90hoZpc-m28AAIuGjpCLXHZ-SJaFAAzLx32Q3k_D8Myog8UTnZu3isveMimWNoSIra4VWWJ_id93Lci8I4zAKctBLxZGH0qsqHbgZ-Mhacna6b4-9YYwurr34XV3T4DHWTYgxNf8auW5oO1w7O-F9lh5JhQfhTA12bYJi10KPpnZn4y8MrXVOxG9OlIg0PdRgxnHYDDnL9zvAC8RLEOk62TeLc1zCFI0jsRCC1xQ10BPuTdtutrVHPfQW6JbUQ5Llrlg-E2ts75rUNqlCvV-bBv4reLf4bnqx42jlDYQpJVO4Hp0pyLYMpxmBPah3HzSFglSKKdkxktMktkx5iNo05dBXP86q57qp3hJhmxIXBqDDCmRC62kPG9dARlbMwboa65rjA-0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dayviews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

POST
H2 200 10 Show response
lwadm.com/analytics/ Frame 3750 0
316 B 26ms
9ms XHR
text/plain 18.197.26.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/analytics/10
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.26.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-26-132.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Jun 2023 13:28:31 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true

POST
H2 200 10 Show response
lwadm.com/analytics/ Frame F471 0
317 B 17ms
8ms XHR
text/plain 18.197.26.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/analytics/10
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.26.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-26-132.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Jun 2023 13:28:31 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 3750 87 KB
28 KB 90ms
30ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 13:28:32 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame F471 87 KB
28 KB 86ms
40ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 13:28:32 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 3750 87 KB
28 KB 75ms
42ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 13:28:32 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame F471 87 KB
28 KB 54ms
32ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 13:28:32 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63BE 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvDlxAYUUJYrAovaLItyTKaZrwHbyB5BLhww8bxWVljwrPRF2yeZf-mMG1apYrlRJUNsJH0VeucDxIg-nrPx4_-e9h6_M3KvGXF3EBDCMXOSyu8zS5XUwZyqNGA-SpjNtZy-vX5v78GXHw6RwQDjN2UD7VSHaBWFbf0r9uWcuofyvUN9AoPL0KPBruLofK8u76izK7Dhx24gr9qtfQk95tpjSzAZZ914PcHbBYNtOrJmHi7I1TgNrJV-XpjiVK2VcZs9X9aM16m1GJtYcgxeTt6yi1hNi7VgLOhHa7shRQew_rMQUJFDUTmeYdvebmZk-ttaN3L96pwTJxX7O1NNIywSXAz0ZmGTOw&sai=AMfl-YTiWyqp_BPiqdUXN-SB4_iaSvwmU6EUAWgLuE67FHAvUvImXvLt7TPPgjFWWyerb4vmD6LUYpfi4osm1Mc5g1ihJUaInCWEJdLy6GIerEtTr_NIkMlo0DURLgMiC1kDFsNJ6MPZJzpMUS5x5OBJ&sig=Cg0ArKJSzKZOTMmopHIQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:28:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08C1 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC5GU9sf2dMghtS01tsHwdSMjdFKo3dRE4Uwj4U2wmTOyDxxHYNtfd6M1AAzh8URfgqEitK-BQFI3LSV_nSBbvDU8v1z_IugdtXvRgaoiouy_c1rEvgp6NpSqq2RaYDQggrOYTxIEaYKRGQl9m-5Eo9lq9hYh_AyqRaxMwfvfrcylXV63U-XRj8zXhefz5BhDFWEc22K6Rs4_on2ec82ZQLsIm7Ug8PzcRDEPTBoROf-JorWK03Amf5CwITkAHzFaMEOcy_6aHpSW-8Zoz4fdSE7f1RZss1YWoQ8ALSKjfaNprxOe2CpnlCGSBrWyz81izccW7eUib72hnGQxwApHpQYttS92JxBY&sai=AMfl-YTFzVyL7v-NjPw8PXxjIOO6dS4ZzsMfKfjcs4SQsSM4n7abnyBhvlit-MTNPpZhrakof0oed2ssAcyJ3WwMgiU7zBe_JohI_WTjeynquUgrRy02fyLgtstQGGhPagRgYvbPxRQEZGzT0-sfn5o2&sig=Cg0ArKJSzEG76DvgD3XREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:28:32 GMT

GET
DATA 200
OK truncated
/ Frame 63BE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eebf6eb0b22491e4a9d13f59ec69deee57cef30a480f85de4798b36e2452455c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 08C1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5d434dd233acc6aa3da42349005916c35b39a4fbdf58edc76677b0ed83f4a05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6A3E 15 KB
6 KB 50ms
17ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dayviews.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:28:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 351909
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame F471 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ebea3d81bfd9e12f11c6f76a040f1fe32efd2fd7180da30b09e1a76677e98ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 937A 15 KB
6 KB 49ms
20ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dayviews.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:28:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 608477
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 3750 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6610b7200fca40e7285d76cbf1422b03bc2ff65fed4ca93beebd34a347133212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6A3E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=dayviews.com&lsw=1&topicsavail=0&fledgeava...
https://mug.criteo.com/sid?cpp=UOIgfXw5SDlYQUxJeXd0SG4yT3pUcDllSzZzd3puS0ZnVzJiZi9YNVJOYis1TFl5Um13bHJRYnB3SklTa2tWbEdJYVFqS1FLR1VnS1FRV21rY2xNM0hCMXF2UzBHSDVpVUV4TXVyOS8xV2VUN1h1V3FBTmhreEJWNWhITC...

433 B
653 B

83ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=UOIgfXw5SDlYQUxJeXd0SG4yT3pUcDllSzZzd3puS0ZnVzJiZi9YNVJOYis1TFl5Um13bHJRYnB3SklTa2tWbEdJYVFqS1FLR1VnS1FRV21rY2xNM0hCMXF2UzBHSDVpVUV4TXVyOS8xV2VUN1h1V3FBTmhreEJWNWhITC9sMGUzOWhqZUNQdFZNNS94Zm1UZVFiVTZvWWxkS0hqY2pVNnF5WFdtZU1JUWcwN0Ird0cvVDFLcXAxbVNrN0JNTHVTN3NNQnpkbytNZkhMUldCSDBjeVBYZG91QnFzYlZwYVJ5Z2VMRVZ5eUY3WjEyUFJVZ1hzckV6d1ZPL1hqTEdPVW1hOXRDUkk1Wjc2VHB4MVpTRUl3a0h2cG1tQUtIaGJJWE5QaDRtM1NCcFpWTjhWV3JIeXhPRUZCWmJ5N3BLVk1heU1VZDN4U1d2Z094MFJYTVhxOWN3MzNoREZTVFhONzFyZW1ud3hYalA1aVIyMGM9fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

451c963e2113727c587528100abf4fa668c5a931ce9b5269e143f4ab17df5f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1251958
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=UOIgfXw5SDlYQUxJeXd0SG4yT3pUcDllSzZzd3puS0ZnVzJiZi9YNVJOYis1TFl5Um13bHJRYnB3SklTa2tWbEdJYVFqS1FLR1VnS1FRV21rY2xNM0hCMXF2UzBHSDVpVUV4TXVyOS8xV2VUN1h1V3FBTmhreEJWNWhITC9sMGUzOWhqZUNQdFZNNS94Zm1UZVFiVTZvWWxkS0hqY2pVNnF5WFdtZU1JUWcwN0Ird0cvVDFLcXAxbVNrN0JNTHVTN3NNQnpkbytNZkhMUldCSDBjeVBYZG91QnFzYlZwYVJ5Z2VMRVZ5eUY3WjEyUFJVZ1hzckV6d1ZPL1hqTEdPVW1hOXRDUkk1Wjc2VHB4MVpTRUl3a0h2cG1tQUtIaGJJWE5QaDRtM1NCcFpWTjhWV3JIeXhPRUZCWmJ5N3BLVk1heU1VZDN4U1d2Z094MFJYTVhxOWN3MzNoREZTVFhONzFyZW1ud3hYalA1aVIyMGM9fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 328942
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F471 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE2ZSBrHem5lAc208t0WAmcCpJEw-Zb5hVH1X3tEMxDt9Ytz9vn-7UJdr0kpNb0Go5bSl3mJ5Jb4J_QrYlc3I0Og14BH9vYZewsoFaXmM-q8cCPqc9120Lv0YJ-svjLDtKHAoWhJIgGI4AAYE1ICf2-CuEZV83JTebMeR5il0azmvP33OMeIBT4PpsJ7ySmrKgwqlR4S4cpZY45ph0Upakpnj5ZEdD-V0yfEHVbI8fWX59cplpCDyfWS1xyWla6u02gSNLoNha0maX_rO1BIbo6Hpbtq-MMlJ80G6GSxT1NDI6Njr7Ov1V3J_ESX5-PtEvZg6AMTMqSU9TWQ9Q8QMAqSzLP_7e&sai=AMfl-YQSxnlvtoNBvphCzx3h0HwvYflrBWZg0gllFCJ3vNVkdGm2xKZdYPqsy9eoCBz8Bd1mL_M5zcJGQDdTaPTQ8b3RDBiKpi0cmZbtrlabnITg-_vuUoLeqZG-4QGDs6eqe4HtFmpAAYaaYYLZquVo&sig=Cg0ArKJSzGQOiJ1QevhaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:28:33 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 937A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=dayviews.com&lsw=1&topicsavail=0&fledgeava...
https://mug.criteo.com/sid?cpp=oMAQ5nxGdmQvU2FPRVVxWE9mUzQyTFdua0RSTWdxZVl4anpncGJVcndpVmkwdFF2OTJKOGFIZzIyNUZSY0tnNllERG1HaEJ3UDdMT0Nhck90R29nZnp4MmJ6YWM4Nm1vd2h5VXRXQ1dDYm1yT2dWOHRPNnhoQmtkdDRRS2...

422 B
652 B

73ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=oMAQ5nxGdmQvU2FPRVVxWE9mUzQyTFdua0RSTWdxZVl4anpncGJVcndpVmkwdFF2OTJKOGFIZzIyNUZSY0tnNllERG1HaEJ3UDdMT0Nhck90R29nZnp4MmJ6YWM4Nm1vd2h5VXRXQ1dDYm1yT2dWOHRPNnhoQmtkdDRRS293RUlYWU5sSUI1d3JwdWR2R0VoV3hXR1hjdFV1S3dycEViYWs5RXFKdnFQcTA2TCs1YXdBNlVaMWV5WVVGM2R4QS9oT1NaUEgzanM1YW5CZzFsTXgxemkrQ1hHZDIzR1NYUS9qNlpKdEFOYjY1VE9FL0xXQmZBK3Bhd295eTZlRzJVVlRkM0c3S1NCRjhuZmxHK2MzWVJraFBUWXRRTThxdWttTnhCcVMzbFo4YXRTOTlLc0JCTDMxZUJXMFJTczh4WXdEcFNhYWk2WFJSSXRhQ0VES2F5YXgzU1BJK1hXcVpOU1pTbkFxQ051TncwVFg4WUU9fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

74b7e255cf0c74dc2fbc315367d8fe22aa21d4f3dfea5b6ff8b9e3dee4eb23f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1015446
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=oMAQ5nxGdmQvU2FPRVVxWE9mUzQyTFdua0RSTWdxZVl4anpncGJVcndpVmkwdFF2OTJKOGFIZzIyNUZSY0tnNllERG1HaEJ3UDdMT0Nhck90R29nZnp4MmJ6YWM4Nm1vd2h5VXRXQ1dDYm1yT2dWOHRPNnhoQmtkdDRRS293RUlYWU5sSUI1d3JwdWR2R0VoV3hXR1hjdFV1S3dycEViYWs5RXFKdnFQcTA2TCs1YXdBNlVaMWV5WVVGM2R4QS9oT1NaUEgzanM1YW5CZzFsTXgxemkrQ1hHZDIzR1NYUS9qNlpKdEFOYjY1VE9FL0xXQmZBK3Bhd295eTZlRzJVVlRkM0c3S1NCRjhuZmxHK2MzWVJraFBUWXRRTThxdWttTnhCcVMzbFo4YXRTOTlLc0JCTDMxZUJXMFJTczh4WXdEcFNhYWk2WFJSSXRhQ0VES2F5YXgzU1BJK1hXcVpOU1pTbkFxQ051TncwVFg4WUU9fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 302643
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3750 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWWMYUqmZ5EQ_9xx8Jv_JK_y9kHfOcKlfF2m2gFzGrKENh1ujRl0Z-H9xw7cyYRVKP-UEzDinPl7xdoVBPf7esAH5vmNjBf0zkw3pN04DJEc02oULla1IMCInWf_PIXDKd4f0Mlw1A1eCndbv_c-RTeyA6S8WV9D95yIRhfWECZPhBe0EbfY3wqUTPb3jU-AQ0B3216Tw8WQvVvOEoGBOJKX-uHY_8e3q7_TJrKr-FwD_Pj0rGsqHeBdv_nXus3gU_xyTHiKadl4KpwLJ33LfV8C-QDT9yp7FyD4P1Q4kxDfQJpyl72_RxnGzRQ92C2a8aF3gKLTHtNTQVJMk_lnsoyekiyYbu23mC&sai=AMfl-YTc2HCp-XUkaQQgV5nuZdfBbHGZDkesa0o73zaltntpqFKh47Z60_KOkTjz2loiM_jvrZhMsl-az96DEtABA7iCAScUx4yAKtP3LNjmVylbvIiJhf4swKzoVlN2H5Yl-Srrz4ZdT8c_7AOEb_7F&sig=Cg0ArKJSzEgJfoBbJ1CIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:28:33 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 08C1 42 B
174 B 61ms
59ms Fetch
image/gif 2a00:1450:4007:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstplYpTIaSh4Y_RoH5pjQgMcONJJDZocec-cWmGl8j9c4-Tx3PgzuyHaSpCRX-88-jd0fPVsCrCmEYK_aWYt643UuKThRrCHxVK_QCm0SEF6QLaIa-s&sig=Cg0ArKJSzMGL_dWDuDtHEAE&id=lidar2&mcvt=1000&p=151,175,451,1155&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=19&adk=835840644&rs=4&la=1&cr=0&vs=4&r=v&rst=1686144510704&rpt=2265&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3750 42 B
64 B 64ms
63ms Fetch
image/gif 2a00:1450:4007:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaYdiGg1fNFklgoVTZaG60h7PtfZ7BYKN1QaVrkqZCdONZpeS9XsvOKVBCEfSADFFnEl5nZghoorKf1Tokc3koULRT9ukY7bjk_oDfG2jrX9G_JHkq&sig=Cg0ArKJSzM22OiYDix28EAE&id=lidar2&mcvt=1000&p=688,1125,1288,1425&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=0.85&if=1&vu=1&app=0&itpl=19&adk=2307433742&rs=4&la=0&cr=0&vs=4&r=v&rst=1686144510724&rpt=2387&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 87B8 52 KB
17 KB 37ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 19806
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 07 Jun 2023 13:28:34 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 24 May 2023 07:58:00 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1992, 149193
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230123-FRA
X-Timer: S1686144514.285047,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7EB0 281 B
554 B 37ms
7ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Jun 2023 13:28:34 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 53AC 52 KB
17 KB 29ms
8ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 19806
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 07 Jun 2023 13:28:34 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 24 May 2023 07:58:00 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1992, 137908
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230106-FRA
X-Timer: S1686144514.285752,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 42A2 281 B
554 B 28ms
7ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/6.26.0.1/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Jun 2023 13:28:34 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7EB0 34 KB
10 KB 9ms
8ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 16:53:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12352
Connection: keep-alive
Content-Length: 10112
Expires: Wed, 07 Jun 2023 16:54:26 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 87B8
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
931 B

50ms
50ms

Script
text/html

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 13:28:34 GMT
AN-X-Request-Uuid: 42c19961-fd72-4106-87cd-2b76fa2de191
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.78; 146.70.117.78; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 13:28:34 GMT
AN-X-Request-Uuid: 2373645d-4314-47fc-925e-59f6b771cb75
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 146.70.117.78; 146.70.117.78; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 53AC
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
931 B

7ms
7ms

Script
text/html

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 13:28:34 GMT
AN-X-Request-Uuid: c6d9309e-b53e-484f-be10-d3570ea77687
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.78; 146.70.117.78; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 13:28:34 GMT
AN-X-Request-Uuid: 0e7647fe-40d9-4415-9730-6dda7ea7a209
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 146.70.117.78; 146.70.117.78; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 42A2 34 KB
10 KB 13ms
13ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:28:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 16:53:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12352
Connection: keep-alive
Content-Length: 10112
Expires: Wed, 07 Jun 2023 16:54:26 GMT

GET dcm
s.amazon-adsystem.com/ Frame 7EB0 0
0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7EB0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELeq0HBV-WPI8hGetEKG-2w&google_cver=1

0
239 B

48ms
8ms

Image
image/gif

69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELeq0HBV-WPI8hGetEKG-2w&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELeq0HBV-WPI8hGetEKG-2w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7EB0
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LILQWNB3-B-183R

0
649 B

198ms
182ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LILQWNB3-B-183R
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:28:34 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9F8AD6754726403A805C362B5302BB52 Ref B: FRAEDGE1912 Ref C: 2023-06-07T13:28:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9ihzWbw3WbvpNXa83vw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LILQWNB3-B-183R
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7EB0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/HgGSj4awsKYFJbx7AkdsDg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DKRnIk9E2oI8cBMm7XWmqSbsxR3w5Dtj6i.qng--~A

0
239 B

8ms
8ms

Image
image/gif

69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DKRnIk9E2oI8cBMm7XWmqSbsxR3w5Dtj6i.qng--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 07 Jun 2023 13:28:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DKRnIk9E2oI8cBMm7XWmqSbsxR3w5Dtj6i.qng--~A
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7EB0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElMUVdOQjMtQi0xODNS
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBzub4P1F9CZg7rQ15AE_y0&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElMUVdOQjMtQi0xODNS&google_push=

170 B
232 B

30ms
30ms

Image
image/png

142.250.75.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElMUVdOQjMtQi0xODNS&google_push=

Protocol

Server

142.250.75.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElMUVdOQjMtQi0xODNS&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7EB0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tBYJHi07QwOKxMKsZXcMeQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tBYJHi07QwOKxMKsZXcMeQ

43 B
479 B

43ms
43ms

Image
image/gif

67.220.226.232

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tBYJHi07QwOKxMKsZXcMeQ

Protocol

HTTP/1.1

Server

67.220.226.232 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 13:28:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CQE53XEYZES7ZGN2XDQY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tBYJHi07QwOKxMKsZXcMeQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7EB0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ1NjAzN2M4M2NiOGQ4ZjY2ZWY1ZDNiMDY3ZWRmZGUzZTNlYzQ5NA

170 B
243 B

29ms
29ms

Image
image/png

142.250.75.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ1NjAzN2M4M2NiOGQ4ZjY2ZWY1ZDNiMDY3ZWRmZGUzZTNlYzQ5NA

Protocol

Server

142.250.75.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:28:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ1NjAzN2M4M2NiOGQ4ZjY2ZWY1ZDNiMDY3ZWRmZGUzZTNlYzQ5NA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7EB0 70 B
265 B 155ms
32ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Jun 2023 13:28:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dayviews.com/	1970-01-20 12:22:55	Name: ub_counter_real Value: 1
dayviews.com/	1969-12-31 23:59:59	Name: dv_anonymous_sessionid Value: 255532408
.dayviews.com/	1969-12-31 23:59:59	Name: dst Value: 0
.dayviews.com/	1969-12-31 23:59:59	Name: tz_offset Value: 0
.dayviews.com/	1970-01-20 21:58:24	Name: __utma Value: 47736882.418166813.1686144510.1686144510.1686144510.1
.dayviews.com/	1969-12-31 23:59:59	Name: __utmc Value: 47736882
.dayviews.com/	1970-01-20 16:45:12	Name: __utmz Value: 47736882.1686144510.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.dayviews.com/	1970-01-20 12:22:25	Name: __utmt Value: 1
.dayviews.com/	1970-01-20 12:22:26	Name: __utmb Value: 47736882.2.10.1686144510
.dayviews.com/	1970-01-20 21:44:00	Name: __gads Value: ID=dc6bc157e254257a:T=1686144510:RT=1686144510:S=ALNI_MasrGrROcZkQ5XaXaU8bpjDexHadQ
.dayviews.com/	1970-01-20 21:44:00	Name: __gpi Value: UID=00000c3f8a3e66b7:T=1686144510:RT=1686144510:S=ALNI_MYpI0ueIeXTZYkpTyus4WSu5-DBhA
.doubleclick.net/	1970-01-20 21:44:00	Name: IDE Value: AHWqTUn56rPgNWkC93-_puc-X2WEjLkC4M5sWvrz3O4O8YcpJ0RvNd5JwHGiktKm4Wg
.rubiconproject.com/	1970-01-20 21:08:00	Name: khaos Value: LILQWNB3-B-183R
.rubiconproject.com/	1970-01-20 21:08:00	Name: audit Value: 1\|naVuGyos1qqJqqD8o3K0bfsKGGM1eolu5vVtDhgOVUPn/4TLQE0M/3jrG9GE+ZTOxXz8FcbQZa5ymPvo8plePzv6pkBXl7MoY/3xx1fasQI=
.360yield.com/	1970-01-20 14:32:00	Name: tuuid Value: 708d40d3-4a48-4573-b54c-a32606fc679f
.360yield.com/	1970-01-20 14:32:00	Name: tuuid_lu Value: 1686144511
.criteo.com/	1970-01-20 21:44:00	Name: uid Value: adf8dbb1-7e2e-4766-8367-2dd325eaf53b
.adnxs.com/	1970-01-20 14:32:00	Name: uuid2 Value: 8305024280848507206

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8366f87545530eaea6927f5d274768b1.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
adx.adform.net
apis.google.com
bidder.criteo.com
cdn07.dayviews.com
cm.g.doubleclick.net
connect.facebook.net
content.lwadm.com
dayviews.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
lwadm.com
m.burt.io
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
static.criteo.net
stats.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
www.dayviews.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
s.amazon-adsystem.com
142.250.75.226
15.197.193.217
151.101.129.108
172.104.155.73
178.250.7.13
18.161.97.41
18.197.26.132
23.192.95.113
23.201.255.110
2600:9000:2490:d200:1b:7f5c:2c80:93a1
2602:803:c003:200::41
2606:4700:20::ac43:4bf1
2620:1ec:21::14
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4007:806::2002
2a00:1450:4007:80c::200a
2a00:1450:4007:80d::2002
2a00:1450:4007:80e::2003
2a00:1450:4007:813::2001
2a00:1450:4007:81a::2001
2a00:1450:4007:81a::2004
2a00:1450:400c:c00::9c
2a02:2638:d::2
2a02:2638:d::a
2a02:2638:d::d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3601:3dfe:b416:be63:4860
37.157.3.30
37.252.171.149
52.211.7.73
67.220.226.232
69.173.144.139
69.173.144.165
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b48c2e14311fbe0850b18c0e066158fd7cac62e1607c9780de966175ac79761
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b
2b379518135e6f8581156616b09065c245e408ee8e393cff6ddc2786f32ab1f0
2b3ffd337ea7a86cb1c69b7c252d07743749e071cbdfea496c1f9a737e61e847
32238e5ad2997069623b5bcfd8790f86e9a5d02f12210e41deac031a3dd37404
350b9470577447e7a1b481cd99f3228f5b9b17f0802cfbbac217af6e24f18132
36b9022a35027283546e42fa64945400699e536d206e11cc4efb1116211a586c
3a2b79cfd1d087c2ec8511e86d4bd5ab19b2f706ab47e757212583c881276547
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d651c8cd261190173835a410e40e856e7eee6d7c6157c525a4b161b2ef62640
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
451c963e2113727c587528100abf4fa668c5a931ce9b5269e143f4ab17df5f61
4532aab3a4a4488a1736de8549da7a51e947792a9e298b50e0eb4113d94e6e07
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a8db43ea56ce6ed88e30b4b8e7c92070de516db5cfa65fcb38ab7b66674ea48
4a995a57410c6461fe1ff4d95fde8740bc119425be0f14cd924efbaa4657ffbc
4f1b228f2b0df2d51a863e016dff852c9570bce6ba020712c6e4ca2bbab211ad
52add654eab0e293afe697cd9bce921ea02237a2f7076a5a264fcea3c28b1973
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e
59efbee489a060c7ca332d76be196b9417c161a19c42a822a84a82293999fbaf
5b2c37ce11382f202e52157a28ad2f750c8005bf302aba23a58db171fecf99ea
5c46e555ee1f6d5909957d88d2416a2620eb44d69f19f08f80bacb00ba0d7906
5edd9c5a2d1a13f43b9020471b73f39cabee9f1c0caeb7431bc3e9a90d5177d0
5ff8aef79a496e1ca41c61cb89937c10fa22f13f21161969eb01ac151d9c909e
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61b397e19761891fb95d246c32e7199e39a23c36364cc784be43ef28af79892b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cd687788996aa49578acb5bbdfd93e4c30c8de18507086ba46033aced66fcc
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
6610b7200fca40e7285d76cbf1422b03bc2ff65fed4ca93beebd34a347133212
6c23438842881201a3956e1677cbdd5b4c9eafa9b5eead3eb6e2281cb49d4785
7243e351c451cc9fec69c49e76eae80b989905589e950283f5f73162ef5ab17f
73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46
74b7e255cf0c74dc2fbc315367d8fe22aa21d4f3dfea5b6ff8b9e3dee4eb23f5
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7e5c7e118a771116767b917897eab0635b251a6b0b762d4c80383064da813826
82cc01fd8946204b20bdaa8566202d5b295a5bbf3a1feb6d57c780ab120c42a1
8301d9275494e40345f022c91681788834e29726cc9703dc2f2c789ec3ed050f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836f4484bede336d16f9470f2bb6c434e8c0582b7d5e104d23e14e6d3ef0cd6c
83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
87535d60d2d0de90aed14c4aafa0410a9c2b91cce8919c33595a5d80969700bf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5488b0b92b5f015dfd5cf5a95c6b6881015da1d26d1caf76a6bf2dd41347de
8ebea3d81bfd9e12f11c6f76a040f1fe32efd2fd7180da30b09e1a76677e98ed
8f03e0af619b36b0d068cfe6d5bc284164267a8ede1dd6e449d0647ab947683a
92dd9a70cff3f638294fdbecdba1200d8e2baa6785f3b6f141842fa9586da10b
969ca0db3b72fce997d77363ca87e6048a1865c5e11cf877f00cac97a31ca51f
9c1f5b93fddff9878bed18ea2f5b74ca91f9e1582076e32a33ad487215d6d224
a3854580d0c1289bd59058dc8179a3d0b02921315d417319e64baa10bfcef064
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4dc366ef619b0808f4fdf737b6e8858abca8a338f43fd67aed750c551fb4f26
b5721768997131767976fd48ceccb763070ddb558b40a36b56345faecf4a7cf5
b89dbd9f8b552f5b2c28ef7193f05b31da789e7863c399d419c025a94842cd8a
bcc03816e7ef0c4721e51a5f70a485c8ed2fc7d6c7a26a579310a4959ca3e9d7
becffd0876f38930e93fd744a31c492ee31354d83fac7531436d0a4a2cd837af
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c16a6058836e2a003d73ccb809af72d22fa1ca18b495ae09fe3e17c0aa342f
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c7b401b311be23e63942f24b79b85f4510c5c7b58bbbaf806c97119229427deb
cc123ef11ddccd999dc109c07cc578bfa163bab97931ac3b99595518d42991ee
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
d8d9ddad07ff259f8a0cbf4ed2608f8128687e21c9ba6766a337028b848b65a5
e14ced7be3c3b36b851c05ea1d9bd071da76e64fb2bb8923dcf1c9f1e4f402fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e602abf0962d06f5a6113c4929e029eb9408e00b52224a046e0afe5cca113971
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eebf6eb0b22491e4a9d13f59ec69deee57cef30a480f85de4798b36e2452455c
eee8ae74fd57cd2d037d0a1573516f49156f061a6c0f3ff757c5bd218f74c670
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b01e6c0f70ca9d0bfad1fbbfafd056980f01f60721791a76c802dbf7a71f78
f4ed467a78a7f1006f8d8415c244d53cf8c4b52332c8ea5344bd738311a80f38
f5d434dd233acc6aa3da42349005916c35b39a4fbdf58edc76677b0ed83f4a05

dayviews.com Open in urlscan Pro 172.104.155.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

138 Requests

68 %HTTPS

61 %IPv6

23 Domains

43 Subdomains

37 IPs

8 Countries

2525 kBTransfer

6321 kBSize

18 Cookies

1 Outgoing links

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

dayviews.com Open in urlscan Pro
172.104.155.73 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

68 %
HTTPS

61 %
IPv6

23
Domains

43
Subdomains

37
IPs

8
Countries

2525 kB
Transfer

6321 kB
Size

18
Cookies

138 HTTP transactions
4 data transactions